From BruCON 2015
Jump to: navigation, search

Willi Ballenthin is a forensic analyst and reverse engineer who specialises in incident response. He is the author of many cross-platform Python libraries applicable to computer forensics, including python-registry, python-evtx, and the INDXParse suite. Willi has taught professionally to government and corporate groups on topics like Malware Analysis and Advanced Forensics on Windows and UNIX systems.