Sunday, May 2, 2021

Recovering Luddite?

Growing up Mennonite in Lancaster County with no computer, and no television, only to become a Digital Forensic Analyst and Incident Response Specialist living in New York City, has been quite a journey. My friends tell me the uniqueness of my life requires a blog, but I tell them, I haven't changed much, really.

Personal blog, nothing on here represents my employer.

InfoSec101 CheatSheet

So, you’re new to InfoSec you say?  How can I help?  Below are a few resources that I just put together for one of my mentee’s.  I offer a bunch of InfoSec links over at my DFIRLinks site:  The formatting on the blog is a bit wonky, so if you want this cheatsheet as a PDF, go here:

Jason Blanchard:
-Jason is amazing.  He runs a twice-weekly job search meet-up.  Jason works for one of the leading Cyber Security firms called Black Hills InfoSec (BHIS), owned by an industry luminary, John Strand. 

Tuesday Nights: 7-9pm ET 
Friday Afternoons: 1-3pm ET 

-Jason's job meet-up group meets over Twitch, once or twice each week.  It covers job hunting tactics and techniques, resume and interview tips, and much more.  People looking to fill open positions sometimes attend, and even recruiters have been known to attend because it’s so popular with strong candidates:

-Jason has archived some of the meet-ups on the BHIS YouTube channel:, and they are also on his Twitch channel:

-Jason's online handle is @BanjoCrashLand: 
"We're doing a 5-part extended series on each one of the aspects of the job hunt. 
52+ viewers have landed new jobs so far since March 2020."
Black Hills InfoSec (BHIS): 
BHIS runs weekly Cyber Security WebCasts which they often record and post afterward.  I try to never miss them!  They also offer discounted (pay what you can) training: 

Be sure to follow them on Twitter:

They also have an active Discord server:

-Here’s an example of their “Pay what you can” training: 

Wild West Hackin’ Fest: 
Wild West Hackin’ Fest is a Cyber Security conference by the folks at BHIS: 

-Here's an example WebCast from BHIS: The Dirty Truth Behind Breaking into Cybersecurity: 

Be sure to follow them on Twitter:
They also have an active Discord server:

Active Counter Measures (ACM):
John Strand of BHIS also runs: Active Counter Measures:
-ACM often runs free Threat Hunting classes:

Be sure to follow them on Twitter:

They also have an active Discord server:

Dave Kennedy/TrustedSec/Binary Defense: 
Dave Kennedy runs two companies (Trusted Sec and Binary Defense), and he has been known to “tweet” when they are hiring (often Junior level): 
"My favorite thing this year is we are opening up our junior program. To get new folks to INFOSEC trained up and into the field. Where best to learn!? #TrustedSec We are crazy hiring over at #TrustedSec and #BinaryDefense with more jobs being posted in the next few days. Have to shape our future, and more than pumped to have new folks coming into the industry." 

Be sure to follow them on Twitter:

They also have an active Discord server:

SANS Institute: 
Great courses as well as many free offerings:

Check out their “New-to-Cyber Field Manal”: 

Train up!  CTF’s: 
I offer a bunch of links to CTF’s and training video’s:, below is a sample: 
(1) Watch Ed's CTF talk which begins about 17.5 mins in: 
(5) Smash the Stack: 
(6) picoCTF: 
(7) WarGames (Bandit is recommended): 
(8) Daily CTF, just one challenge per day: 
(17) Hack the Box (free account works fine): 
(19) Cyber Defenders: 
(20) Try Hack Me:

I can count on one hand the recruiters whom I respect, and that’s as nice as I can put it; sorry, not sorry - been burned one too many times.  That being said, I do have two fantastic recruiters whom I can highly recommend:

Katie Owston 

John Terkovich 

Sunday, August 30, 2020


Finally! Successfully got the SANSInstitute PhilHagen SOF-ELK up and running in VirtualBox!  I struggled a bit with what others in #DFIR seemed to do with ease, so I created a CheatSheet I'm sharing in the off-chance it could lessen someone else's pain!

Wednesday, February 26, 2020

Thursday, December 12, 2019

The World's First Kringle Coin!

Mary Ellen & Friends - Holiday Hack!

What an honor it is to hold the world's first SANS HolidayHack KringleCoin. It was presented to me, in person, by Ed Skoudis himself, who drove all the way from SANS CDI in D.C., straight to Manhattan to personally hand me this award. I truly consider it one of my biggest professional achievements. Thank you so much, Ed Skoudis, SANS Institute, and BNY Mellon for hosting the event! If you missed our "live" NYC KringleCon party, and the excellent talk from our Guest Speaker, Vitali Kremez, the video is now posted:

Saturday, August 17, 2019

Holiday Hack Sneak Peek 2019


It seems the SANS Annual Holiday Hack Challenge buzz begins earlier and earlier every year.  This year is no exception.  My first Holiday Hack CheatSheet of the season is here!  HUGE shout-out to our RedTeam mole, @ssampana_tr for infiltrating the @edskoudis party in Vegas during BlackHat USA DEF CON week and reporting back clues.  Download v1.0 of my #KringleCon CheatSheet NOW!  Enjoy!