Matthew Green

I am a DFIR and detection guy from Sydney Australia.

Matt's DFIR Blog


  1. O365: Hidden InboxRules » 09 Jun 2019
  2. Binary Rename 2 » 29 May 2019
  3. Blue Team Hacks - Binary Rename » 12 May 2019
  4. Live Response Script Builder » 07 Apr 2019
  5. Powershell Download Cradles » 02 Apr 2018
  6. Sharing my BITS » 18 Feb 2018
  7. Invoke-LiveResponse » 14 Jan 2018
  8. Blue Team Hacks - WMI Eventing » 03 Apr 2017
  9. PowerShell Remoting and Incident Response » 12 Jan 2017