About Me

Security researcher, educator, and packet nerd. Public speaker and blogger. You can find me on Twitter and LinkedIn. You can also email me at marcelle at marcellelee.com.

The most dangerous phrase in the language is, ‘We’ve always done it this way.’ ~ Grace Hopper

Curated Resources

Websites, Cheat Sheets, and Packet Captures

• Go-to websites
• Collection of cheat sheets
• Custom-built packet captures

You must be the change you wish to see in the world. ~ Mahatma Gandhi

Selected Materials – Workshops, Blogs, Articles, and Talks

Reuse of my materials is licensed under the Creative Commons BY NC license.

BSidesCharm 2022 Let’s Get Cooking with Cyberchef

Cyberwire Research Saturday Podcast: Instagram hijacks all start with a phish

Cyberjutsu Career Conversations Webinar

BSidesNoVA 2020 Hacking the Technical Interview

Another Day, Another Fraudulent App - researched and written in collaboration with Aaron and Ian

Phishing Season Has Opened, Don’t Get Hooked - written for the Cybersecurity Association of Maryland

Stop Looking for the Purple Squirrel: What’s Wrong With Today’s Cybersecurity Hiring Practices - written for the ISACA Journal

Hacker Halted 2018 Cryptojacking: Coming to a Universe Near You

ATM Hacking: You Don’t Have to Pay to Play

DDE Exploitation – Macros Aren’t the Only Thing You Should be Counting

WiCyS 2018 Practical Network Forensics Workshop - collaborated with Jennie Kam and Ellie Daw

Down the BADRABBIT Hole: Ransomware Delivered by Fake Flash Updates

CISSE 2017 The Art of Red and Blue Teaming: Teaching Cyber through Competition - in partnership with the Women’s Society of Cyberjutsu

BSidesNoVA 2017 Dead Box…Not Dead Body Forensics 101 Workshop - collaborated with Dina Haines

If you are in a male dominated workplace, don’t get too comfortable being the only woman in the room. Remember to try to find opportunities to bring other women in—to throw the rope down. It’s a dangerous thing to think: ‘I’m the woman in this room, so that’s my role.’ I try to tell young women—don’t be tricked into thinking that you’re in the field to compete with other women. ~ Tina Fey

Diversity in Tech

Women’s Society of Cyberjutsu (WSC)

Women in Cybersecurity (WiCyS)

The Diana Initiative (TDI)

Never doubt that a small group of thoughtful, committed citizens can change the world; indeed, it’s the only thing that ever has. ~ Margaret Mead

Competitions

Websites

• CTFtime - comprehensive listing of upcoming cyber competitions
• WSC Competitions Slack
• Trail of Bits CTF Field Guide
• Awesome CTF - nice curation of CTF resources
• VulnHub Practice Site
• OWASP Vulnerable Practice Sites
• HackyEaster 2019 Challenge Write-Ups
• Honeynet Project Challenges
• Over the Wire Practice Challenges
• AttackDefense Labs by PentesterAcademy
• Hack the Box Practice Site
• SANS Holiday Hack Challenges
• SANS DFIR Challenges
• Immersive Labs
• PicoCTF CTF Guides
• MITRE Cyber Range and Challenges
• Gamification & Security Webinar

If you’re making mistakes it means you’re out there doing something. ~ Neil Gaiman

My Certifications

• Certified Information Systems Security Professional (CISSP)
• GIAC Security Essentials (GSEC)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Forensic Analyst (GCFA)
• GIAC Certified Incident Handler (GCIH)
• GIAC Penetration Tester (GPEN)
• GIAC Critical Controls Certified (GCCC)
• GIAC Information Security Fundamentals (GISF)
• ISACA Certified Cybersecurity Practitioner (CSX-P)
• EC-Council Computer Hacking Forensic Investigator (CHFI)
• EC-Council Certified Ethical Hacker (CEH)
• CompTIA PenTest+
• CompTIA Security+
• CompTIA Network+
• Cisco Certified Network Associate (CCNA)
• AccessData Certified Computer Examiner (ACE)