Detection Engineering @SpecterOps | @BSidesCape Organizer | @dcpthepodcast host | Security Researcher

Joined June 2016
For the past 6-7 months I have been diving into one of Windows' core components - RPC. During my research, I found how to utilize RPC telemetry from a defensive perspective. I’ve compiled my findings in the following paper: ipc-research.readthedocs.io/…
Jonny Johnson retweeted
I’ve built a side project to show the functional status of the current #Sysmon version here: sysmon.works Note: It’s not complete yet, still adding things. There are some small manual tasks left so it will change over time, I plan to host historical info. Blog soon.
Excited to announce that none other than @olafhartong will be our first guest. Honored to have you on buddy!
We are pleased to announce that @olafhartong will be joining us on Episode 1, premiering January 18th, 2021!
Jonny Johnson retweeted
A new #Sysmon version also requires an update to my Sysmon-modular project. The main branch now supports version 13 and has several filters as examples. (filter carefully to not cause huge blind spots) Older versions are available in their branches. github.com/olafhartong/sysmo…
Sysmon 13 has just been released. I’ve just published a detailed look at the new ProcessTampering feature in a blog. medium.com/falconforce/sysmo… #DFIR #Infosec #Sysmon
Jonny Johnson retweeted
First Blog Post EVER - My JNCIE-SP Experience next-hopself.net
Jonny Johnson retweeted
Happy to announce what so many in the community have been waiting for so long! A lab extension to compose dashboards from notebook cells with a drag-and-drop UI. Resulting dashboards can be published as Voilà applications! blog.jupyter.org/dashboardin…
Jonny Johnson retweeted
We are now available on Apple Podcasts! Stay tuned for the Episode 1 announcement next week. podcasts.apple.com/us/podcas…
Jonny Johnson retweeted
ICYMI: Episode 0 is available on most podcast services, and YouTube: anchor.fm/dcppodcast