Incident Responder turned developer

Cyber security nerd who enjoys building tools to support investigations. After leading numerous DFIR engagements, I now focus on building tools that enrich the analysis of security incidents and enable efficient investigation. Threat data, infrastructure security, and data enrichment are the problem spaces I enjoy most, and I am generally tinkering with new Python packages, CLI tools, and data analysis utilities.

Skills: Python, Rust, Web development, Django, AWS, SQL, DFIR, DevOps, CDK, Ansible, Docker/Containers, Windows/Linux/macOS, CI/CD, Mentoring, Project management

Projects



Python Forensics Handbook

Free reference for common tasks encountered when implementing DFIR scripts. These short snippets provide copy/paste templates for parsing registry hives, analyzing Windows events, and reporting on JSON data. Open for contributions on GitHub and for use in your project!

Website GitHub

Secure development for all

A collection of resources to ease the process of integrating secure development practices. Includes a roadmap with suggested tools and how to install and configure them.

GitHub

RDP Snitch Honeypot

A honeypot that you can set up in a weekend to capture RDP traffic and share findings via a Mastodon/Twitter/Pastebin bot. Includes enrichment of each observation and aggregation of statistics.

Blog Series Mastodon

Books



Python Digital Forensics Cookbook

This book exhibits many of the Python libraries commonly used in digital forensics through small scripts (or recipes). Across the 60+ recipes, we explore how to process files with embedded metadata, parse common file and registry artifacts, process evidence stored as E01 files, integrate Python with common tools such as Axiom, EnCase, and Cellebrite, and much more. This book is available as Paperback & E-Book.

Packt Publishing Amazon GitHub

Learning Python for Forensics

Learn the art of designing, developing, and deploying innovative forensic solutions through Python scripting. The book starts with the basics and builds on them chapter by chapter with practical examples. This book is available as Paperback & E-Book.

Packt Publishing Amazon GitHub