About

Welcome to fork(), an information security and forensics blog.

I’m a cyber security analyst, digital forensic examiner, and writer from New York with a love of all things technical. My interests span multiple topics in cyber security and the site reflects that. While there are far more interesting infosec blogs out there (with actual updated content!!), I’m using this site to connect with others in the industry, discuss new technologies, and write about topics in incident response and forensics that I’m passionate about.

The site is not updated frequently.

Follow me on Twitter for site updates. If you see any errors or detect any security flaws, please report them.

If you know me from conferences, security meetups, cons, SF publishing events, OWASP, HTCIA, NYC 2600, or whatever, get in touch! I don’t respond to every email but I do read them (occasionally!). I’m always game for challenges and CTF events.

This site might or might not have updated content but I’ve also included some great DFIR/security links for those looking for a deeper understanding of the subject. The ones on volume shadow copies, incident response, new registry artifacts, and memory analysis are particularly good. Also be sure to check out the whitepapers submitted by SANS Gold members (SANS Reading Room).

This blog is 100% vendor and organization independent. Although I might review or comment on vendor products on occasion, the views and opinions reflected on the blog are my own. I will not attempt to push or persuade you to purchase any goods or services. There are no advertisements here. The blog does make use of analytics cookies for statistical purposes but the information collected is not sold by third parties (if I find out otherwise, I’ll remove them). Feel free to block whatever cookies the site is forcing on you as you see fit.

This site is also 100% politics/controversy free. I understand that many readers have strong social and political views, but please refrain from posting them on the site. IRC is a great place for heated debates; this blog isn’t. To appease all audiences, this site is neutral ground.

Links ≠ endorsement. Affiliations ≠ support. Opinions expressed on my blog are my own.

Site projects include TrackerCat for GPX-file analysis for GPS device forensics (see the blog posts on TC here). You can also check out some Garmin GPS Forensics Research.

Thanks for visiting!

Affiliations and Certifications

GIAC Certified Forensic Examiner (Acclaim Digital Badge Verification)
AccessData Certified Examiner
Global Information Assurance Certification (GIAC)
Member of the High Technology Crime Investigations Assoc. (HTCIA Northeast)
Member of the Open Web Application Security Project (OWASP)
Proud member of HTCIA Northeast and OWASP NYC