Janosch

@jkppr

DFIR and Timesketch for work, hiking and sailing as a hobby, thoughts are my own, not much more to say...

27 Followers · 56 Following · 6 Posts · Joined 14.11.2024

Latest posts by Janosch @jkppr

New version of OpenRelik (the #DFIR workflow engine) is out. New workflow UI, support for chords (task groups with callback), MCP server and much much more. Give it a try!

Take a look at the new page for workers showcase, both official and community contributed: openrelik.org/workers/

03.03.2026 15:51 👍 4 🔁 5 💬 1 📌 0
Post image
17.01.2026 15:44 👍 0 🔁 0 💬 0 📌 0

We are launching a Black Friday deal on our most popular course, Threat Hunting & Incident Response w/Velociraptor! From now until midnight (EST) 11/28, enjoy 40% off our best-selling on-demand course.

Register: ddi.sh/thvr-bf-2025
Use Code: blackfriday2025

#DFIR #ThreatHunting

24.11.2025 14:30 👍 8 🔁 3 💬 0 📌 0

📣THREAD: It’s surprising to me that so many people were surprised to learn that Signal runs partly on AWS (something we can do because we use encryption to make sure no one but you–not AWS, not Signal, not anyone–can access your comms).

It’s also concerning. 1/

27.10.2025 10:38 👍 2865 🔁 1055 💬 43 📌 181
Widespread Data Theft Targets Salesforce Instances via Salesloft Drift | Google Cloud Blog A widespread data theft campaign targeting Salesforce instances via the Salesloft Drift third-party application.

A threat actor (UNC6395) is accessing Salesforce accounts and data through the Salesloft Drift AI chat agent

cloud.google.com/blog/topics/...

26.08.2025 17:19 👍 15 🔁 11 💬 1 📌 1

A new Unfurl release (unfurl.link) is here! v2025.08 has:

🆔 Parsing more from TikTok IDs (millisecond timestamp, entity type (user account, device, live session, or video), and more). Thanks to Benjamin Steel for the paper arxiv.org/abs/2504.13279

📝 Full release notes: github.com/obsidianfore...

11.08.2025 15:16 👍 8 🔁 4 💬 0 📌 0
Black Hat Black Hat

Heading to #BlackHat Arsenal in 2 weeks w/ @maartenvdantzig.bsky.social to demo our new AI investigation features in Timesketch! We've built a workflow that partners the analyst with AI to speed up investigations while keeping you in control.

Meet us on 📍Thurs, Aug 7, 1pm, at Arsenal Station 7

20.07.2025 20:50 👍 1 🔁 1 💬 0 📌 0

Using Timesketch for timeline analysis? We recently added a new feature: LLM summaries of up to 500 events in view. Example below uses Gemini Flash, but you can just as easily use a local Ollama model. Setup guide: timesketch.org/guides/user/...

19.06.2025 18:01 👍 6 🔁 4 💬 0 📌 1
Security Fest 2025 - Day 2 YouTube video by Security Fest

Here are the slides/resources from our #SecurityFest talk on "Modernizing Incident Response Using Techniques that Scale"

Talk: www.youtube.com/live/Znl7TBF...

05.06.2025 17:57 👍 14 🔁 8 💬 2 📌 2

Hey DFIR Peeps! I am hiring incident responders in two locations - Boulder, CO and Sunnyvale, CA. It'd be hard to find a bigger CSIRT with more scope and more interesting stuff to do than this one. :D

SVL: www.google.com/about...

BLD: www.google.com/about...

25.04.2025 22:24 👍 4 🔁 4 💬 0 📌 0
Release 20250408 · google/timesketch What's Changed ✨ New Features & Major Enhancements Core Functionality & API: Add Support for Searching Processing Timelines by @jbaptperez in #3241 Add Timeline, SearchIndex and Datasource creati...

We have a new Timesketch release: github.com/google/times...
It includes AI / LLM things, new features, bugfixes and more. Check it out. #DFIR

09.04.2025 07:28 👍 3 🔁 2 💬 0 📌 0
What if the wise men kept walking after Jesus’s birth? YouTube video by xkcd's What If?

What if the wise men kept walking after Jesus’s birth?

Watch the latest What If? video collaboration with MinuteEarth!

youtu.be/YL2VNtus4xk

04.03.2025 22:10 👍 1709 🔁 159 💬 59 📌 10

Hey #DFIR people! New #OpenRelik release just dropped. Some cool new features and a bunch of bug fixes.

26.02.2025 16:32 👍 5 🔁 2 💬 0 📌 0

Turren-Schönbüel Trail, my absolute favorite so far.

22.02.2025 06:43 👍 0 🔁 0 💬 0 📌 0

Snowshoeing at Weissenberge, Switzerland

02.02.2025 17:40 👍 0 🔁 0 💬 0 📌 0
A snow-covered landscape with a clear blue sky and snowshoe tracks leading through the snow.

Snowshoeing in a winter wonderland. [Furna, Switzerland]

25.01.2025 19:39 👍 1 🔁 0 💬 0 📌 0
Senior Security Engineer, Security Research — Google Careers

Project Zero is hiring 👀
No need to tell y'all that the team is awesome

08.01.2025 10:23 👍 47 🔁 20 💬 0 📌 0

Exciting News🚀🎉:

Our @cyber5w.bsky.social Intro to DFIR Course is now FREE!

Please read our announcement found below. The course will also be available for FREE @opensectraining.bsky.social very soon! #DFIR #infosec #cybersecurity #DigitalForensics

cyber5w.com/into-dfir.html

07.01.2025 01:43 👍 16 🔁 10 💬 1 📌 0

🚀 New OpenRelik release

Role-based access control, folder sharing, database improvements, optimisations for file listings, chunked file uploads, bug fixes and refactoring efforts to improve stability.

📝 https://openrelik.org/changelog/
🔗 https://discord.gg/hg652gktwX

#DFIR

27.11.2024 15:41 👍 4 🔁 3 💬 0 📌 0

If you need datasets for your #DFIR training? Feel free to use any of my cases found in the URL below. They can be used for both academic or commercial training.

www.ashemery.com/dfir.html

01.11.2024 16:07 👍 28 🔁 8 💬 1 📌 1
A picture taken from a mountain peak overlooking a sea of clouds.

17.11.2024 04:43 👍 1 🔁 0 💬 0 📌 0