Blogs

One thing I say often is “If you see something interesting, grab a copy of it, because it may not be there tomorrow.” Links rot, accounts vanish, YouTube pulls vids faster than you can say “copyright strike.” So anytime you stumble onto a clip that matters for your investigation, download it first, analyze it later. But here’s the rub: browsers

(Kali Linux & Ubuntu, Passive + Active Recon, API Keys, Logging & More) OWASP’s Amass is a fantastic tool, but unfortunately, its documentation is lagging and doesn’t match the current 4.2.0 version. After figuring out the current settings and configuration options, I used AI to help me write a guide for using the current version. The more detailed PDF is

Another update is I got accepted to present at Black Hat Arsenal in Las Vegas this year, which I’m super excited about! If you’re not familiar with Arsenal, it’s a place set up off in the vendors area where people who develop new tools can present them, and it has to be like open source, etc. So basically, several years

In my last post several weeks ago, I stated that I was on a cruise and was planning on taking a short break from blogging. Well, the break lasted a little bit longer than I thought! So it’s time to play catch up a little bit. After the cruise, I came back home for four or five days and then

I’ll try to make a few posts from my cruise this week but no guarantee. Happy easter all!

OpenAI just launched two new models of ChatGPT, o3 and o4-mini. I played with giving o3 images and asking it “where exactly was this image taken”. Within a minute or so it would have an answer and while I’m sure I’ll find some misses, it hasn’t missed for me yet. One of my tests was giving it a picture of

Did a poster signing today at the SANS Cyber Defense booth and am now at dinner with an amazing group of people.

I’ll be giving a third talk at GISEC now discussing cutting edge techniques using AI for audio analysis.

I’ve agreed to give a second talk at the GISEC conference in Dubai next month. Here is the outline: Title: 24/7 Threat Tracking on Telegram: How to Automate Infostealer Log Monitoring With Python Synopsis: In this fast-paced session, Matt Edmondson (author of SANS OSINT courses SEC497 and SEC587) takes you behind the scenes of his automated threat-hunting setup on Telegram—one

I was doing a demonstration for a tal,k and I needed to demonstrate deep research, so I picked a topic that I had just written a blog post about on Methods to discover redacted information from a pdf and since deep research put in the work and came up with a lot of analysis citations et cetera on the topic

I always have a great time teaching for SANS, but the big conferences like Orlando and Las Vegas always hit harder with bigger crowds, more activities etc. Looking forward to a great week!

I had a student reach out and ask about ways to “unredact” information from a PDF. They work for an organization that releases a lot of redacted material and they wanted to ensure they weren’t accidentally leaking out sensitive information. When you need to redact documents, it’s important to verify the sensitive information is actually gone, not just visually hidden.

It was a huge honor to speak at the 2025 Supply Chain Technical Exchange Symposium yesterday. Got to see a few old friends and make some new ones today! Having lived in the area for five years, it’s always nice to get back at catch up.

I took a day to figure out exactly what I wanted to talk about at the GISEC Conference next month in Dubai and came up with the following: Necessity Breeds Innovation: OSINT Solutions When Budgets Fail This talk explores how security professionals can implement powerful Open Source Intelligence (OSINT) monitoring strategies with minimal to no budget. Drawing from real-world experience

I’ve never been a massive fan of flying, but it’s funny how surviving an 18-hour flight to Singapore makes a 4-hour cross-country flight seem like no big deal 🙂