First off, thanks for showing this John. You were actually one of the first people I started watching in my IT career years ago when you were focused primarily on Python videos. Like you, I have since grown in my career and am now working in DFIR and also enrolled in SANS Incident Response Graduate Certificate program. I perform individual host-based forensics, large-scale multi-host multi-server ransomware compromise investigations, and everything in between. I've considered starting a KZbin channel focused on DFIR and showing beginning to end investigations (acquiring evidence from physical machines, imaging, various log analysis, network analysis, host-based forensics, investigation methodologies, reporting, etc.). If this is something your audience would like, I would love a 'Like' and will begin putting together a series for viewers.

John, you’re way too good for this community! Every day I watch your videos and try to grasp everything you teach but it’s difficult to keep up with the plethora of information you are giving out 😂😂 we really do appreciate all your hard work, thanks for all the opportunities you’ve given us to grow and learn!

Just finished my first week of my first job in cyber as a Security Analyst. Thank you for everything you do John, thanks to you, this knowledge is readily available in a digestible way.

big fan here from Ethiopia keep up the content🥰

I'm just over here taking notes on how to KZbin. Love your channel!

Don't know if you have heard but Toronto Public Library was hacked so bad that even their printers/scanners can't be used. It seems like entire back end was destroyed/deleted.

this win11 taskbar is a perfect example of why it was put on the left in the first place :P

The number of environments I come across where literally no security baselining has been carried out is simply staggering.

awesome to see some incident response videos hoping to see some more of these

Is amazing, thanks for sharing. What I don't understand is that you need to have Wireshark all the time monitoring the traffic to get that info? Or how you make those pcaps in a real environment?

Thanks John. We need more of this or malware analysis videos

Thanks for sharing and let us learn . Very well explained and clear.

@johnhammond my man! thats the right energy and natural tone (so rare nowadays with all the hypee youtubers)!! have you ever played with polarizing filters for the reflections in your glasses? you would be amazed!

Excellent video as always! Loving the blue team content on the channel!

It was a really amazing video, we need more of these.

Pause to shift gears 15:33

15:33 poor John forgot to cut it out

I love your teaching methods 😍😍

Well not many companies do pcap to workstations. Too much data.

Thank you so much. This is great.

Big fan of you boss❤❤

Great video, well made and dictated!

05:59 why does office macro have capability to do stuff outside document like spawn process, read and write files?

Nmap is among the stuff? Might give it a shot.

There's no link to the lab in the description currently.

thank, awesome!

As noted by a couple of commenters below, there does not seem to be a link to the labs in the description...

Hey, I know that its hard to reply for comments but I have a question I have my google ID and password but I couldn't sign in into my account I have no 2fa enabled, no recovery phone or email in my account When I try to login it says, to login from device I logged in earlier (not available),sign in from same network(which isn't also available) What to do

so where is the link to poisoning the well? i dont see it via browser

Hello John, Thanks for the video. There is no link in description.

Is it normal for a network to be capturing wireshark during normal use? Or is this supposed to have been run per hack but before cleanup?

Do you have courses?

Where can I find more Incident Response labs? Free labs

Hi John why did you use a vm for this ?

why don't you make a video about Sysmon???

why not open the CSV in excel or something?

yeah no link in description

What are the differences between Antisyphon training vs try hack me? Would they complement each other?

*Nostalgia intensifies*

How often are the logs actually available and not wiped?

can you make a tutorial how to get on onion center the search engine?? please

Love from india ❤

wtf is this click bait. be transparent in your title: this is not real

how gta 6 got hacked , can you explain ?

I don't understand anything here

Make An rev eng of an ITP crypto scam app please. :-)

The day will come when someone asks the AI to fix our security problems, and it eliminates all the humans....

hi

👍

⭐️⭐️⭐️⭐️⭐️

I wonder which company got hacked😂

DISH, duh. Lulz

comment

First, 22 seconds ago?

script kiddie stuff

Lmao!!!! Well played on the word.exe. The word.exe for famous because there was a known counter strike player name forsaken who got caught cheating using word.exe.

HACKERATO LEDGER