Extracting Files Embedded Inside Word Documents https://isc.sans.edu/diary/31486

New cyber humble bundle out! #DFIR #cyber #infosec #security www.humblebundle.com/books/hackin...

Happy Cyber Monday! 🎉 A brand-new 13Cubed episode on NTFS FILE record reuse is out now. Dive into the details and don’t forget—today’s the final day to save 13% on all 13Cubed training courses with code BLACKFRIDAY2024. Ends at 00:00 UTC Dec 3. www.youtube.com/watch?v=6LpJ... #DFIR

Thanks to LLMs, I no longer have to ever relearn regex. That alone is worth $20/month.

Wish @bsky.app had a Save Post / Read later feature 🤔

This one was so much fun! A bit of pcap analysis, some memory forensics and some binary analysis! #DFIR #btlo blueteamlabs.online/achievement/...

Found a repo with InfoSec Black Friday deals, including training platforms, courses, tools, and more 🥷 It looks like a well-curated and pretty extensive list! #infosec #dfir #cyber github.com/0x90n/InfoSe...

Anyone else experiencing huge delays and http errors from #microsoft #defender #XDR portal?

Looking for #DFIR mutuals 🙌 #infosec #cybersecurity #cyber #soc #security #blueteam #sansdfir

The Free & Affordable Training site (training.dfirdiva.com) was created to help people find quality free and low cost training across various platforms. The main focus is #DFIR, #OSINT & Blue Team Training. Nothing listed is over $1,000.

New here? Check out my one stop shop of #DFIR resources startme.stark4n6.com

I found out about MemProcFS at the DFIR summit in Prague, love it!

Prefetch files capture app execution data—timestamps, filenames, usage counts—and track accessed files/folders, offering insights into user activity and potential suspicious behavior. Location: C:\Windows\Prefetch Parsing tool: github.com/EricZimmerma... 💼🔍 #DFIR