Advertisement ยท 728 ร— 90

Posts by Jim Clausing

Post image

๐Ÿง Teaching FOR577: Linux IR & Threat Hunting at SANS Austin, June 22โ€“27!

Hands-on labs, GLIR cert prep, NetWars, SANS@Night talks, great networking โ€” and legendary Austin BBQ. ๐Ÿ–

Early-bird pricing ends May 7th. Lock in your spot!
๐Ÿ‘‰ www.sans.org/cyber-securi... #SANS #FOR577 #DFIR

5 days ago 0 0 0 0
Post image

Hunting Linux threats in sunny San Diego? ๐ŸŒด๐Ÿš Iโ€™m running #FOR577 LINUX Incident Response & Threat Hunting at #SANSSecWest 2026 in May with โ€” hands-on labs, real-world IR, and threat hunting to level up your Linux DFIR game on the worldโ€™s favorite server OS. www.sans.org/cyber-securi...

1 month ago 1 0 1 0
Post image

This came today #donorforlife

5 months ago 1 0 0 0
Post image

2 more days to get the early-bird discount for one of my all-time favorite conferences, #SANS #DFIRCON in Miami in Nov. There are a bunch of hands-on workshops on Sun, 16 Nov, lots of evening events during the week #FOR577 my last in 2025. Reg here: www.sans.org/cyber-securi...

6 months ago 2 2 0 1
Post image

Linux touches every part of our networks. Our routers, switches, and firewalls likely run some flavor of Linux or Unix. Join me in London in July for the newly updated #SANS #FOR577 where we'll learn how to investigate attacks on Linux systems. www.sans.org/cyber-securi...

11 months ago 1 0 0 0
ISC Logo

ISC Logo

Tool update: sigs.py - added check mode https://isc.sans.edu/diary/31706

1 year ago 4 1 0 0
image of sans internet stormcenter logo with stormcast flair

image of sans internet stormcenter logo with stormcast flair

SANS Stormcast Monday Feb 24th: sigs.py update; Google Introdusing Quantum Safe Sigs; MSFT Update Win 11 issues; LTE/5G Vulns;
https://isc.sans.edu/podcastdetail/9336

1 year ago 2 2 0 0
ISC Logo

ISC Logo

Unfurl v2025.02 released https://isc.sans.edu/diary/31716

1 year ago 2 1 0 0
Post image

Join me in one of my favorite places for the updated FOR577. Now, with more BTRFS, more rootkits, and more Linux attacks. #FOR577 #SANSSecWest

1 year ago 2 0 1 0
Advertisement
ISC Logo

ISC Logo

New tool: immutable.py https://isc.sans.edu/diary/31598

1 year ago 3 1 0 0
Preview
New tool: immutable.py - SANS Internet Storm Center New tool: immutable.py, Author: Jim Clausing

I just posted a Handler's Diary, I've released a python script to find Linux files with the immutable bit set. #FOR577 @sansisc.bsky.social #SANSDFIR isc.sans.edu/diary/New+to...

1 year ago 1 0 0 0

Is that even a question? Of course, he does

1 year ago 0 0 1 0
Post image

And Google.
#DigitalForensics #MobileForensics #DFIR #Code

1 year ago 8 1 0 0

if you have a @github.com profile, can i ask you to update it with your @bsky.app handle? ๐Ÿ™

๐Ÿ‘‰ it enables some very cool integrations, like auto curated feeds and starter packs for contributors and tech

1 year ago 1002 207 84 17

Congrats to Tyler and Zachary for an outstanding job in the day 6 challenge

1 year ago 1 0 0 0
Post image

Since I'm trying out #Bluesky, I figured I should add in support for it in Unfurl!

The v2024.11.20 release has some minor updates, but the biggest feature is the ability to parse a timestamp from Bluesky post IDs (or atproto TIDs).

Example: dfir.blog/unfurl/?url=...

Give it a try at unfurl.link!

1 year ago 26 12 0 2

Awesome research ! - The Nearest Neighbor Attack: How A Russian #APT Weaponized Nearby Wi-Fi Networks for Covert Access - @volexity.com - www.volexity.com/blog/2024/11... #cyberespionage

1 year ago 14 5 2 0
Advertisement
Post image

Time to find the newest Lethal Forensicators #SANS #FOR610

1 year ago 4 0 2 0

Daughter tells me she heard today that if you wear a band T-shirt (especially as a young woman) and a man says to you โ€œname five of their songsโ€, the correct response is โ€œname five women who trust youโ€, so I pass this on in case any of you need it

2 years ago 6500 2408 76 101

So, I was considering the cost of #12DaysOfChrostmas gifts from #truelove and was wondering do I need to include 12 pear trees or can she just use the 2 we already have?

2 years ago 0 0 1 0
SANS Phoenix 2023 | Cyber Security Training SANS Phoenix 2023 (Dec 4-9) offers hands-on cybersecurity training taught by top industry practitioners. Attend Live Online or in Tempe, TX.

Join me for one of the last opportunities to take #SANS #FOR610 this year in virtual Phoenix/Tempe. #malware #malwareanalysis www.sans.org/cyber-securi...

2 years ago 0 0 0 0
Post image

Another great class and 2 more brand new lethal forensicators! Congratulations Takuya and Ryo! #SANS #FOR610 #malware

2 years ago 0 0 0 0
Preview
New tool: le-hex-to-ip.py - SANS Internet Storm Center New tool: le-hex-to-ip.py, Author: Jim Clausing

I dropped a quick little tool today after some discussion on class today of the /proc filesystem and network connections #dfir #for577 isc.sans.edu/diary/New%20...

2 years ago 1 0 0 0
Post image

Interested in learning #malware analysis Down Under? Join me as we bring SANS #FOR610 back to Syney in September

2 years ago 0 0 0 0
Post image

And here they are, congrats cow, Howard, and TerryTubby

2 years ago 0 0 0 0
Advertisement
Post image

Time to crown some new REM Masters in Singapore. Who will they be?

2 years ago 6 0 1 0