About | 2B53

About

2B53 is a blue-team and forensic-focused workspace with a clean technical surface.

The stronger direction is DFIR, memory analysis, WiFi forensics, artifact review, and practical investigation workflows. The site itself stays structured and readable, but the core identity is security work first.

Blue-team mindset

Evidence handling, triage discipline, and practical investigation routes over noisy branding.

Technical depth

A bias toward internals, system traces, memory artifacts, and host-level analysis.

Readable execution

Interfaces and notes designed to stay clear when an operator needs signal fast.

My preference is for workflows that stay legible under pressure. That means strong defaults, clean hierarchy, readable evidence handling, and interfaces that surface the important signal first.

The work sits around DFIR, memory review, WiFi and network traces, malware and artifact analysis, and a smaller validation-focused pentesting layer. Frontend and Next.js still matter here because a good interface helps make technical work faster and less messy.

Focus areas

DFIRMemory ForensicsWiFi ForensicsArtifact TriageMalware AnalysisLittle PentestingLinux and Windows Internals

Forensic tooling

DFIR and Forensics

Sleuth Kit / AutopsyEZToolsSysinternalsVolatility (basic)Timeline review

Memory and Malware

VolatilityPEStudioHxD / HexToolsexiftool

Network, WiFi, and Logs

WiresharkWiFi capturesCustom parsersIOC extraction

Signals and platforms

Blue Team and Forensics

PythonWiresharkVolatilityLinuxWindowsMemory analysis

Web and Backend

HTML5MySQL

Learning and Platforms

Hack The BoxHTB AcademyTryHackMe

Investigation focus

DFIR, Memory, WiFi, Artifact triage

Secondary layer

Web, Network, AD basics, validation pentesting

Contributed to

Nexolutions-UG/OS, Nexolutions-UG/erp.3d, 2b53/Khora and 19 more repos

June 2026

9 commits OS, 9 commits Nexophone, 2 commits 2b53_wb

Experience

2022 to 2026, reordered around the actual security path.

The timeline follows the visible public signal: foundations first, then labs and platforms, then tooling, and finally the stronger blue-team and DFIR direction seen across GitHub and the current profile positioning.

2026

Blue-team direction, SOC signal, and active public build work

Current phase shaped by the Junior SOC Analyst and blue-team positioning, ongoing Nexolutions work, and visible GitHub activity across OS, Nexophone, erp.3d, Khora, and the 2b53 web presence.

2025

DFIR, memory, and investigation-first repositioning

The profile shifts harder toward artifact triage, memory analysis, WiFi and host evidence, with offensive work kept as a smaller validation layer instead of the main identity.

2024

Hands-on labs, attack-chain research, and tooling growth

Hack The Box, HTB Academy, TryHackMe, and self-driven research become a stronger practical layer while public repos start reflecting exploit paths, framework ideas, and security experiments.

2023

Security learning turns practical and repeatable

The focus moves beyond interest into repeatable lab work: web, network, AD basics, Linux, and Windows fundamentals, plus the first clearer pattern of documenting and testing real attack paths.

2022

Foundation year for systems, internals, and cybersecurity

This is the early base layer: building comfort with operating systems, command-line workflows, network thinking, and the technical curiosity that later feeds into DFIR, blue team, and security tooling.

Dfir load sequence

Scanning route, logs, and forensic context

live route analysis

Loading signalfull sequence

mounting forensic workspace

hydrating route graph

correlating host evidence

indexing memory artifacts