Ali Hadi | B!n@ry

@binaryz0ne

29,941
Followers
568
Following
591
Media
21,383
Statuses

DFIR and Adversary Simulation | DFIR @ ProtonMail

USA
Joined May 2011
Pinned Tweet
@binaryz0ne
Ali Hadi | B!n@ry
9 months
Please don’t lie to me… I can respect a bad decision you made, but I can’t respect a liar!
1
10
62
@binaryz0ne
Ali Hadi | B!n@ry
2 years
Uploaded all my Offensive Security & Reverse Engineering (OSRE) course labs (docx) to my repo found below. Most of them have very detailed instructions and should be great to get you started in Software Exploitation. 1/n #Offsec #SoftwareExploitation #RE
Tweet media one
99
2K
6K
@binaryz0ne
Ali Hadi | B!n@ry
3 years
Hey #DFIR community. If you need forensic images to play with or to use for your training, then please feel free to use my images found here: I have fixed all broken URLs thanks to @bunsofwrath12 . They are free to use even for commercial training.
20
237
751
@binaryz0ne
Ali Hadi | B!n@ry
3 years
You can download all the Windows Forensics Workshop files from the URL below #DFIR Files: Video:
5
241
732
@binaryz0ne
Ali Hadi | B!n@ry
3 years
If you do anything related to #DFIR especially NTFS forensics, then you should check @kacos2000 MFT_Browser, it is AMAZING! Download:
4
260
703
@binaryz0ne
Ali Hadi | B!n@ry
6 months
One of the most important skills in #DFIR is using a hex-editor. Therefore, I created a 40+ video series on how to use 010-editor, which is probably the best Hex Editor out there!
Tweet media one
9
149
655
@binaryz0ne
Ali Hadi | B!n@ry
4 years
I am often asked: how do I get started in digital forensics, or even in cybersecurity? My answer was and still is the same: study operating systems! I have started building a map that shows the topics covered in operating systems, which are the same topics you will need in all areas of DFIR and Cybersecurity
Tweet media one
11
103
587
@binaryz0ne
Ali Hadi | B!n@ry
4 years
Advice for everyone interested in cybersecurity, in all its specializations and branches. The most important paper you can read in your learning journey is: Reflections on Trusting Trust. The paper is 3 pages! Yes, only 3 pages, but the benefit in it is great! Note: if you read the paper and do not understand it the first time, do not worry and read it again...
7
64
527
@binaryz0ne
Ali Hadi | B!n@ry
4 years
If you need a @cuckoosand Sandbox to run tests on your samples or files you collected, now you can do that from a VM and no need for a dedicated machine. This version also has #Moloch integrated with it. Please share if useful #Malware #DFIR . Download URL:
15
195
455
@binaryz0ne
Ali Hadi | B!n@ry
2 years
This is probably the best Windows.edb analyzer that I've seen so far! #DFIR #WindowsForensics
Tweet media one
4
120
415
@binaryz0ne
Ali Hadi | B!n@ry
3 years
If you missed the Windows Forensics Workshop I did last week @BSidesAmman , you can find URLs to all the files, recording, etc below. It will be added as a free course to play with and check the answers @cyber5w very soon too. #DFIR #Windows
3
123
385
@binaryz0ne
Ali Hadi | B!n@ry
2 years
Over the last couple of years, me and my team have covered a lot about #Linux #DFIR . Lots of system and GUI artifacts have been covered and can be found here:
3
136
379
@binaryz0ne
Ali Hadi | B!n@ry
2 years
This is probably the best project about undocumented Windows Kernel data structures that I've ever seen. If you do anything related to coding, RE, #Malware , #DFIR , etc, then you should keep this project bookmarked!
2
117
369
@binaryz0ne
Ali Hadi | B!n@ry
4 years
Peace be upon you. The Saudi Federation for Cybersecurity, Programming and Drones @SAFCSP will kindly be hosting me as part of the #سايبر_نايت events to hold a workshop titled "Linux Forensics". If you want to follow along and practice with me, please download all the files found here:
24
112
349
@binaryz0ne
Ali Hadi | B!n@ry
3 years
Last semester I was lucky to teach a group of amazing undergrad students (thank you!) my "Offensive Security & Reverse Engineering" course @ChamplainEdu #offsec #exploit #exploitation Today, I'm publishing the whole course here: Please read 1/n
12
164
346
@binaryz0ne
Ali Hadi | B!n@ry
3 years
I'm currently recording my Offensive #SoftwareExploitation course in English for my students at the college, but sharing it here too, maybe it is useful to someone! More info can be found here:
7
107
342
@binaryz0ne
Ali Hadi | B!n@ry
4 years
I recorded this video to explain the importance of the Operating Systems subject for those interested in Cybersecurity and DFIR. God willing, it will be useful.
6
55
324
@binaryz0ne
Ali Hadi | B!n@ry
4 years
Why learning OS is important for your #Cybersecurity | #DFIR career? Check what you will learn in this mindmap (). Or download PDF: | PNG:
6
75
317
@binaryz0ne
Ali Hadi | B!n@ry
4 years
My "Offensive Software Exploitation" course could be found below (currently in Arabic). #Offsec #Software #Exploitation Topics that will be covered:
16
72
295
@binaryz0ne
Ali Hadi | B!n@ry
4 months
If you're interested in developing #Exploits or preparing for #oscp or even #OSED certification exam, then this FREE course will help you! #offsec #debugger
Tweet media one
7
80
280
@binaryz0ne
Ali Hadi | B!n@ry
3 years
If you want #DFIR cases-studies (Windows|Linux) to play with, you can find plenty here: Also on my website+Github account.
2
91
277
@binaryz0ne
Ali Hadi | B!n@ry
13 days
If you're new to PE file analysis, then these videos using the 010 Editor guide you through everything from the basics to understanding the Windows PE file format. You'll learn the PE file structure, plus how to use 010 Editor #DFIR #Malware #Windows #PE
Tweet media one
3
62
279
@binaryz0ne
Ali Hadi | B!n@ry
2 years
Important note to those new to this account. The course below is completely FREE. I know someone (maybe more) has ripped the videos & probably now the labs & is selling them on @udemy . Please do not pay for this course, it is FREE! #ExploitDev #Offsec
7
104
268
@binaryz0ne
Ali Hadi | B!n@ry
1 year
All material for our Linux Forensics workshop done @DFRWS can be found below. The case used involved a compromised Hadoop cluster with compromised accounts, EoP, lateral movement, & diff persistent mechanisms! #DFIR CC: @maryst33d @_cyberyom @leahycenter
1
96
267
@binaryz0ne
Ali Hadi | B!n@ry
9 months
Want to start learning about software exploitation? Then check my FREE course below. More than 12h+ of recorded hands-on content and all the labs, slides, etc are published completely FREE! The course starts with the very basics. #Cybersecurity #exploit
Tweet media one
3
82
254
@binaryz0ne
Ali Hadi | B!n@ry
4 years
The first video of the Offensive Software Exploitation course. A simple introduction to the PE File Format and other things.
7
46
246
@binaryz0ne
Ali Hadi | B!n@ry
4 years
I have uploaded all the course files: slides, labs, and the files used for writing the exploits. Please clone the repository and update it periodically.
7
51
239
@binaryz0ne
Ali Hadi | B!n@ry
3 years
During the last two years, we shared a lot about #LinuxForensics #DFIR at DFRWS, MVS, NW3C, OSDFCon, SANS DFIR, & many more. All of the work can be found here: Follow this thread to understand what's shared and check the repo to know the team plus others.
3
91
236
@binaryz0ne
Ali Hadi | B!n@ry
3 years
Working with a hex-editor is a very important #DFIR skill. I'm releasing the videos I recorded on how to use the 010 Editor for FREE. These videos were done for our @cyber5w "Working with Files" course. Your feedback is very important to us!
4
70
228
@binaryz0ne
Ali Hadi | B!n@ry
5 years
Creating a Hidden Prefetch File to Bypass Normal Forensic Analysis #DFIR #ThreatHunting
11
100
225
@binaryz0ne
Ali Hadi | B!n@ry
5 months
I maintain a simple Google doc of tools and useful resources for #Malware analysis. I converted it to a GitHub repo to make it easier for me to update and share with you all. If you have any feedback or if you recommend a tool, please let me know. #DFIR
5
76
217
@binaryz0ne
Ali Hadi | B!n@ry
4 years
All the videos of the Offensive Software Exploitation course will be uploaded to the channel found below. Thanks to everyone who encouraged this, and God willing the course will be useful to everyone.
7
51
213
@binaryz0ne
Ali Hadi | B!n@ry
3 years
Finally found my intro to IOCs and writing Yara rules recordings. I've uploaded all three of them. IOCs and Yara - Part #1 Hey @cyb3rops I would appreciate it, if you have time to check these videos and let me know if I'm missing anything? #DFIR #Yara
5
65
204
@binaryz0ne
Ali Hadi | B!n@ry
8 months
If anyone needs #DFIR case studies for their practice, training, whatever? Then please check the ones I've created over the years! Enjoy them! #Cybersecurity
Tweet media one
6
73
207
@binaryz0ne
Ali Hadi | B!n@ry
4 years
At the link below are the titles of the topics I taught at my previous and current universities. Please take a look at them: they are very useful for those interested in this field, and also for anyone who has an exam for any certification that includes Exploitation. If the number of interested people reaches 500+, I will record them.
6
40
201
@binaryz0ne
Ali Hadi | B!n@ry
1 year
Hey #DFIR & #Malware community. A memory forensics case where you are required to analyze a memory dump of a Windows 10 system that has been hit with a #Ransomware . Let the games begin. Please share! $100 bounty will be paid to whoever solves this case!
6
58
201
@binaryz0ne
Ali Hadi | B!n@ry
1 month
Another sneak peek! #DFIR #C2
Tweet media one
Tweet media two
13
17
202
@binaryz0ne
Ali Hadi | B!n@ry
1 year
All our Linux Forensics material will be shared on our GitHub page. #DFIR
4
52
194
@binaryz0ne
Ali Hadi | B!n@ry
3 years
The updated version of tiny_tracer developed by @hasherezade is truly impressive. I tested it with a simple keylogger (no obfuscation) that I have for my students and the results are as you see in the figure below. Amazing! #DFIR #Malware
Tweet media one
4
28
189
@binaryz0ne
Ali Hadi | B!n@ry
3 years
Are you attending my Windows Forensics workshop today? Then while I'm uploading the E01 again, please download: 1. @EricRZimmerman tools + (sponsor him on Github) 2. FTK Imager or @ArsenalRecon Image Mounter 3. 010 Editor (trial is fine) 4. @nirsoft WinPrefetchView + HashMyFiles
7
37
190
@binaryz0ne
Ali Hadi | B!n@ry
2 years
Challenge #7 - SysInternals Case #DFIR This should be a fun investigation and hope you enjoy it as much as we did... Thanks again @keydet89 and @cyber5w
Tweet media one
7
59
189
@binaryz0ne
Ali Hadi | B!n@ry
4 years
Thanks to @eLearnSecurity and @ine for their support, my "Offensive Software Exploitation" course will also be recorded in English... You can check what will be covered here: YES this is a FREE course!!! #Offsec #Exploitdev #Software #Exploitation
8
65
181
@binaryz0ne
Ali Hadi | B!n@ry
3 years
My son @electronicbots officially finished high school today. Few achievements: Cyber Patriot 3y in a row @hackthebox_eu Hall of Fame #OSCP @offsectraining Certs @eLearnSecurity 10+ badge @PentesterLab Finally passed @synack RedTeam tests! I'm very proud of you! #Gradulations
32
8
170
@binaryz0ne
Ali Hadi | B!n@ry
3 years
If you recently started following this account & interested in Offensive Security #offsec , then plz check my Offensive Software Exploitation Course below. There is more than 8h of recorded content & everything could be downloaded from my Github repo too.
3
53
168
@binaryz0ne
Ali Hadi | B!n@ry
3 years
If you're interested in #Linux Forensics #DFIR , then make sure to check this:
1
67
169
@binaryz0ne
Ali Hadi | B!n@ry
3 years
Today we officially announce the birth of our @cyber5w project! Thanks to everyone working behind the scenes with us to make this project come to life and we hope to make digital forensics training accessible to everyone. #DFIR
51
46
167
@binaryz0ne
Ali Hadi | B!n@ry
4 years
Just wanted to announce that I will be working with @hackthebox_eu to bring more cool stuff to the box... Stay tuned 😉
29
8
159
@binaryz0ne
Ali Hadi | B!n@ry
3 years
What malware samples would you recommend using to teach malware analysis for new students and why? Please let me know. I would love to know your recommendations #DFIR #Malware
32
38
152
@binaryz0ne
Ali Hadi | B!n@ry
3 years
I created this video last year about "Tracing Windows APIs using Tiny_Tracer" which is a great tool developed by @hasherezade ... If you find anything in my explanation incorrect, I would appreciate the feedback! THANK YOU Hasherezade! #DFIR #Malware
3
51
148
@binaryz0ne
Ali Hadi | B!n@ry
4 years
The recording of the Linux Forensics workshop, for which the Saudi Federation for Cybersecurity, Programming and Drones @SAFCSP hosted me, can be found on YouTube here: My Linux Forensics Workshop recorded in Arabic, but the manual is mostly English. #DFIR
6
33
146
@binaryz0ne
Ali Hadi | B!n@ry
4 years
The second lecture of the Offensive Software Exploitation course, in which I briefly explained my opinion on Bug Hunting. The video can be found here:
4
22
139
@binaryz0ne
Ali Hadi | B!n@ry
5 months
Here is my #Friday #giveaways ! Like, retweet and share with your network... I'll randomly choose on Monday 4/1 two winners to get the full "C5W Certified Malware Analysis" course and certification for FREE... You should not miss this! #DFIR #Malware
Tweet media one
14
114
137
@binaryz0ne
Ali Hadi | B!n@ry
2 years
Event log analysis can't get any better/cooler than this! Thanks to #hayabusa from @SecurityYamato #DFIR
Tweet media one
1
29
140
@binaryz0ne
Ali Hadi | B!n@ry
3 years
When one of the prestigious cybersecurity vendors (also does malware analysis) contacts you & asks you to develop a malware analysis course for them, that’s a recognition of its own! Thanks to all those who took any of my courses, this wouldn’t be possible without you! 🙏🏻
10
3
141
@binaryz0ne
Ali Hadi | B!n@ry
2 years
I've been asked a lot about Operating Systems resources (Courses & Books). Therefore I added the ones that are not only my favorites, but the ones I learned most from to my OS repo found below. They include books for both @zodiacon and @mkerrisk .
6
24
135
@binaryz0ne
Ali Hadi | B!n@ry
2 years
A tool that I highly recommend anyone doing #DFIR to start learning is #CyberChef ...
6
18
138
@binaryz0ne
Ali Hadi | B!n@ry
2 years
The only labs I did not upload, were the RE labs, because most of them were from online CrackMe(s) and from @OphirHarpaz online #RE workshop found below. 2/n
2
24
136
@binaryz0ne
Ali Hadi | B!n@ry
2 years
Yesterday while traveling back home from #MagnetSummit2022 , got an email about being promoted to "Associate Professor". While I don't really care about titles, but it's been over a decade! Every time I get close to a promotion, I change my job & it never happened! It did now 🙏🏻
53
4
132
@binaryz0ne
Ali Hadi | B!n@ry
1 year
Our Linux Forensics workshop material we used for the National Cyber Crime Conference 2023 has been uploaded and can be found on our repo below. #DFIR CC: @maryst33d @leahycenter
1
62
130
@binaryz0ne
Ali Hadi | B!n@ry
3 years
Finally, and praise be to God, the Arabic Linux Community @linux_ar has been relaunched #لينُكس #لينكس I apologize to all the young people interested in learning for the interruption that happened ...
11
27
128
@binaryz0ne
Ali Hadi | B!n@ry
2 years
Would you be interested if I do a video series on basic OS Internals? #DFIR #Cybersecurity If this poll reaches at least 1K of interaction, I will start recording. Feel free to drop suggestions, otherwise I'll prepare a draft ToC. Focus will be on the Windows Operating System.
Yes
1307
No
49
14
80
129
@binaryz0ne
Ali Hadi | B!n@ry
1 year
What is the best way to delete Windows Event Logs? Option #1 (not good and does not clear everything): Get-EventLog -LogName * | ForEach { Clear-EventLog $_.Log } Option #2 : Wevtutil el | ForEach { wevtutil cl “$_”} What else have you spotted TA use? #DFIR #SOC #Logs
4
28
130
@binaryz0ne
Ali Hadi | B!n@ry
4 years
Mind map showing Operating Systems components that are important for anyone doing #Cybersecurity / #DFIR
1
28
125
@binaryz0ne
Ali Hadi | B!n@ry
4 years
Guys, all the Offensive Software Exploitation course files can currently be accessed through the link below. I will upload them to Github once finished. For now you will find the first and second videos, as well as the slides I used in the second video.
0
32
125
@binaryz0ne
Ali Hadi | B!n@ry
1 month
New Free #DFIR case study! "We have a system that has been compromised by a malware and the only evidence we have is the system's Unallocated space!" Let's see who can solve this one!
Tweet media one
5
38
126
@binaryz0ne
Ali Hadi | B!n@ry
1 year
Part-1, 2, and 3 ... all Linux Forensics #DFIR
Tweet media one
3
24
119
@binaryz0ne
Ali Hadi | B!n@ry
4 years
8 days ago I took my mother to the emergency because she had a heart attack. This weekend we did a COVID-19 test for her and unfortunately she now tests positive. I have not done a test for myself yet. Please keep her in your thoughts or prayers🤲🏻.. Thank you and stay safe...
89
1
121
@binaryz0ne
Ali Hadi | B!n@ry
2 years
Want to learn how to use a hex-editor "010 Editor" & parse binary format files (e.g. PE files)? Then this is a series of 41 videos (so far) that should help you #DFIR #HexEditor #010Editor
1
40
118
@binaryz0ne
Ali Hadi | B!n@ry
9 months
I've created a video to explain how to generate timelines and use the @TimesketchProj tool. I hope it will be useful to someone! #DFIR "Working with log2timeline and Timesketch"
Tweet media one
5
34
119
@binaryz0ne
Ali Hadi | B!n@ry
8 months
One VM, but with a full #RedTeam playground! Can't thank you @M4yFly enough! #GOADv2
Tweet media one
4
11
121
@binaryz0ne
Ali Hadi | B!n@ry
3 years
Just 10 years and 3 days ago!
Tweet media one
9
4
115
@binaryz0ne
Ali Hadi | B!n@ry
4 years
Reminder: tomorrow I will be doing a webinar about Linux Forensics. If you're interested, just register. It is free, not gonna charge you anything :) #DFIR #LinuxForensics
@NW3CNews
NW3C, Inc.
4 years
Why do you need to learn Linux forensics? Over 96% of web servers run Linux, but free training is hard to find. Check out this article from @ForensicFocus : . Dr. Ali Hadi from @ChamplainEdu will be joining us for a free webinar on Linux forensics 12/28.
Tweet media one
0
18
61
2
44
117
@binaryz0ne
Ali Hadi | B!n@ry
3 years
There is a reason why I keep recommending @zodiacon 's books. Check the photos and tell me if you find this in an ordinary programming book? I will leave the answer to you! CC: #DFIR #Malware #SysInternals #Cybersecurity #Windows10
Tweet media one
Tweet media two
2
17
114
@binaryz0ne
Ali Hadi | B!n@ry
2 years
URL to the course: URL to recorded videos (EN): URL to recorded videos (AR):
3
20
114
@binaryz0ne
Ali Hadi | B!n@ry
8 months
Finally found time to play with GOAD from @M4yFly . Currently deployed all of it within a single VM (nested virtualization). Amazing project, thank you so much for the time and efforts to build this! ... Check it out here:
Tweet media one
3
17
108
@binaryz0ne
Ali Hadi | B!n@ry
3 years
Do you want to get started in software exploitation and do not know where to begin? This is a series of 27 videos (so far) that may help you. #Exploitation
0
24
105
@binaryz0ne
Ali Hadi | B!n@ry
9 months
These are other videos that I rerecorded this semester for my students to configure and install Velociraptor from @velocidex . I hope they will be useful to someone! #DFIR Installing Velociraptor - Server Config Files
Tweet media one
4
33
107
@binaryz0ne
Ali Hadi | B!n@ry
3 years
All the injection techniques implemented into @cyber5w AE system. They can all be applied remotely through the implant. #DFIR #AdversaryEmulation #Malware
Tweet media one
Tweet media two
Tweet media three
3
40
105
@binaryz0ne
Ali Hadi | B!n@ry
3 years
If you need help with Linux Forensics? Please check out my repo with lots of content at the URL below, plus check @CraigHRowland and @hal_pomeranz work too #DFIR #log4j
3
37
104
@binaryz0ne
Ali Hadi | B!n@ry
4 months
This #Friday 's giveaway is our #C5W Windows Forensics Track. All you need to do is retweet and comment on this post. I'll draw the winner on Tuesday, April 9th. #DFIR #Malware #Cybersecurity #infosec
Tweet media one
119
128
101
@binaryz0ne
Ali Hadi | B!n@ry
2 months
Tweet media one
0
30
104
@binaryz0ne
Ali Hadi | B!n@ry
3 years
If you write #Windows C++ code or incorporate code from others into your own tools & get confused with the different data types TCHAR/LPSTR/etc, then this old but very useful article could help you. "What are TCHAR, WCHAR, LPSTR, LPWSTR, LPCTSTR (etc.)?"
2
35
99
@binaryz0ne
Ali Hadi | B!n@ry
2 years
If anyone wants to play our mini Linux #DFIR CTF that we created for #MagnetSummit2022 , then please check it here: Created by: me + @maryst33d + @cash_alayna Special thanks to @CyberDefenders for providing us with the CTF platform 🙏🏻
2
39
101
@binaryz0ne
Ali Hadi | B!n@ry
3 years
We made it to 40 videos just about 010 Editor and first example is parsing the PE File format #DFIR
1
29
98
@binaryz0ne
Ali Hadi | B!n@ry
2 years
Started working at @leahycenter in 2019 as faculty fellow, then research lead, today I officially got promoted to the "Research Director"! Big thanks to Leahy Center Director Joe Williams and to all the students, staff and faculty that I worked with over the years. THANK YOU ALL
38
3
98
@binaryz0ne
Ali Hadi | B!n@ry
2 years
If you want to gain access to the file system of a Windows Sandbox, then make sure you attach the whole drive and not the C:\ volume. Check the screenshot for what is seen at volume level vs physical level. #DFIR #WindowsSandbox
Tweet media one
2
23
92
@binaryz0ne
Ali Hadi | B!n@ry
4 months
Still in progress #malware #DFIR
Tweet media one
3
19
97
@binaryz0ne
Ali Hadi | B!n@ry
4 months
Lots of #DFIR related videos can be found on my YouTube channel too. I'll be uploading more later. #Cybersecurity #infosecurity
Tweet media one
1
21
95
@binaryz0ne
Ali Hadi | B!n@ry
1 year
Hey #DFIR community... if you want to play with some basic Anti-Forensic stuff related to the NTFS file system, please check the challenge me & @maryst33d created. I don't want to spoil it, but there is probably something in it that not many know about!
2
26
94
@binaryz0ne
Ali Hadi | B!n@ry
3 years
If you're studying any of the new Windows Debugging (Windbg) courses from @OpenSecTraining and need to configure two VMs on a Linux system for Windows Kernel Debugging? Then my post below should help you. #Windows #CyberSecurity #OST2
0
32
94
@binaryz0ne
Ali Hadi | B!n@ry
3 years
Here we go again with more #Windows11 #DFIR user activity. Check "ClockButton" value under: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\TrayButtonClicked This tracks no. of times user clicks on the clock in the system tray. Now why does MS track that?😅
13
20
91
@binaryz0ne
Ali Hadi | B!n@ry
2 years
Do you have any cool Anti-Forensic ideas to share? #DFIR #DigitalForensics
16
13
93
@binaryz0ne
Ali Hadi | B!n@ry
4 years
From the memoirs of an immigrant
20
10
89