Evan H. Dygert

Part 2 of my shellcode analysis series is here! This time, we’re automating shellcode extraction with one of @hasherezade’s incredible open-source tools. 🎥 Watch now: youtu.be/D6Bm5vD78eY

Looking forward to teaching here!

It's not too late to join me at SANS Miami next week where I will be teaching FOR610: Reverse Engineering Malware! sans.org/u/1uiZ

Hey y'all, it's been a minute. I've been quite busy with the BRAND NEW revamp for @sansforensics FOR518 (Mac and iOS forensics). 💻NEW dataset with the latest versions of macOS and iOS 🔬All NEW Labs! 23 in fact! 📱Introducing @CorelliumHQ (First SANS Forensics course!) 🥽VisionPro Demo and Forensic Analysis 🎉Tons of new content and research 🧩New CTF-Style Forensics Challenge 🔜Classes in London this week (register now, starts Monday!), Baltimore (April), San Diego (May), Live Online @DFIR Summit (August), Prague (October), Live Online @DFIRCon (November), Live Online @Tokyo (December) and a new On Demand version coming out soon! Released this two weeks ago in Orlando, and it was A-Mazing (if I do say so myself...and I do.). Super fun and very exciting! This month marks the 10th anniversary of FOR518. 🥳

🤯 The level of sophistication of the XZ attack is very impressive! I tried to make sense of the analysis in a single page (which was quite complicated)! I hope it helps to make sense of the information out there. Please treat the information "as is" while the analysis progresses! 🧐 #infosec #xz

SANS Miami 2024 the week of June 3, to be specific.

If you want to learn about reverse engineering malware, I will be teaching the FOR610: Reverse Engineering Malware course at this conference!

A 3-minute episode with my "origin story," courtesy of @AxoniusInc . The video covers some of the life experiences that formed the foundation for my career: axonius.com/humans

In a landmark operation, the notorious #LockBit #ransomware gang faced a significant disruption. Dive into the details with @rj_chap & @BushidoToken as they dissect the recent events and forecast the ramifications for #cybersecurity 👉2/26 1:00 pm ET youtube.com/watch?v=Ith3Ig…

This is the way:

APIs related to memory allocation. Those can be useful to put breakpoints for unpacking. All of these end up at NtAllocateVirtualMemory, though.

Another week, another @SANSEMEA course. This time it was #FOR610. Thanks @NVISOsecurity for the opportunity and @edygert for being an amazing instructor throughout the week. I managed to walk away with one of the coins and my team was able to secure first place at #SANS #NetWars.

📢 Excited to announce my latest video on my YT channel, where I'll share my successes (and failures) analyzing #malware youtu.be/13vrVmq3PFQ

Join Summit chair @rj_chap Live Online for FREE at the #RansomwareSummit on Friday, June 23. Learn about #Ransomware intrusion emulation, tools and techniques for hunting ransomware operators, and more! ✍️ Don't miss out and register today: buff.ly/42k3mRr

SANS SEC673 is my new Advanced Information Security Automation with Python class. If you want to learn advanced python skills and apply them to infosec this is the course for you. Like the introduction course SEC573 with its GPYC Certification, SEC673 is filled with fun and educational hands on labs. Here are some student quotes: Student comments: “This stuff just isn’t taught in other coding classes” “Filled all the gaps of advanced concepts I’m not learning anywhere else” “This course was an incredible value” You will likely only have one opportunity to take this course in-person in 2023. That event is happening in SANS Rockville Maryland September 18 - 23. Sign up today with the following link! sans.org/cyber-security… @SANSInstitute #python #infosec #coding #programming #gpyc @SANSOffensive @SANSDefense @sansforensics

Join @robtlee & Max Shuftan for the FREE SANS #SmallBusinessSummit Live Online to learn essential tips from experts in the #cybersecurity field to help #SmallBusinesses become more secure & resilient. ✍️ Register Today for FREE: sans.org/u/1p0c youtu.be/qWyj-Zew4FM

If you've taken SEC573, this will take your skills to the next level. If not, you don't know what you're missing. Great stuff!

STAY AHEAD OF #RANSOMWARE LIVESTREAM SERIES | Host @rj_chap | 3/21 at 1:00 pm ET EPISODE 1 Top 5 misconceptions of Ransomware - Thinking you or your organization dont need to worry about ransomware? Ransomware is pervasive and anyone can be targeted. youtube.com/watch?v=ekdpO4…

How do #ransomware operators get into their "victim's" environments? #FOR528: Ransomware for #IncidentResponders will teach you the specifics of ransomware so you can prepare for, detect, hunt, respond to, and deal with the aftermath of an attack 👉 sans.org/u/1pqY