🧬
Psalms 91:1-16
  • PT ITSEC Asia Tbk
  • Jakarta, Indonesia
  • LinkedIn in/nicsap

Organizations

@ImaginaryCTF @TCP1P @csc-research-development @baycysec @PETIRsec

jon-brandy/README.md

Hi there 👋

🔒 DFIR Consultant | Defensive Content Engineer | Black Hat Asia & USA 2025 Arsenal Speaker

I am a Digital Forensics & Incident Response (DFIR) Consultant at ITSEC Asia, with a primary focus on malware analysis. My work involves conducting cyber incident investigations to understand attacker behavior and impact, as well as analyzing identified malware samples. I also contribute as a Defensive Content Engineer at TryHackMe, creating hands-on content to help others learn practical DFIR and security concepts.

I presented a DFIR research tool as an Arsenal speaker at Black Hat Asia and Black Hat USA 2025. In addition, I serve as a Subject Matter Expert (SME) for Digital Forensics at EC-Council. My background includes participation in CTF teams such as BINUS PETIR, Lil L3ak, and ImaginaryCTF, where I focused on Binary Exploitation (PWN) and Forensics. I have also contributed to CTF challenge development for national and international competitions.

I believe that learning never exhausts the mind, and I continuously strive to deepen my understanding of cybersecurity through both practice and research.

📜 Certifications:

  • Team T5 - Certified Threat Hunting Professional (T5-CTHP).
  • EC Council - Computer Hacking Forensic Investigator (CHFIv11).
  • eLearn Certified Digital Forensics Professional (eCDFPv2).
  • EC Council - Certified Incident Handler (ECIHv3).
  • EC Council - Digital Forensics Professional (DFEv1).
  • Certified Mobile Penetration Tester - Android (CMPen).
  • Certified Cloud Security Practitioner AWS (CCSP-AWS).
  • Certified Network Security Practitioner (CNSP).
  • Certified Appsec Practitioner (CAP).

🎯 FYI:

I absolutely enjoy writing HackTheBox writeups on machines, Sherlocks, and solving PWN CTF challenges. You can find some of my work on my Repo, where I share my solutions and knowledge.

Pinned

  1. hackthebox Public

    My WriteUps for HackTheBox CTFs, Machines, and Sherlocks.

    Python 175 29

  2. baycysec/plaguards Public

    Plaguards: Open Source PowerShell Deobfuscation and IOC Detection Engine for Blue Teams. [Presented at Black Hat Asia and USA 2025 Arsenal]

    Python 17 4

  3. sigurd Public

    Sigurd is a research-oriented malware sample, specifically a Remote Access Trojan (RAT), used to support digital forensics, incident response training, and CTF-style forensic challenges.

  4. baycysec/artemon Public

    ArteMon is a real-time Windows artifact intelligence platform for investigators and educators, designed to eliminate missed evidence and make forensic analysis as fast as the threats it pursues.

    Python

  5. abyssos Public

    Abyssos is a research-oriented malware sample, specifically a ransomware, used to support digital forensics, incident response training, and CTF-style forensic challenges.

  6. HolmesGeo Public

    A simple, modular tool for extracting and analyzing IP addresses from multiple sources.

    Python 1 1