Vigilant Defender

Malware Analysis and Detect Response



Malware analysis isn’t just work for me—it’s something I enjoy. Like many in DFIR,
I think playing with samples, digging into obfuscation, and doing reverse engineering is genuinely fun.
I also believe in sharing what I find. Whether it’s samples, detection techniques, or indicators, putting
this stuff out there helps the community and hopefully makes things a little easier for other analysts.
If you’ve landed here by chance, I hope you find something useful (or at least interesting) along the way.

What's on this site?

I won't host any samples on this site; I will, however, share indicators and links to public sandbox runs and VirusTotal pages on my blog.

On the blog I will attempt to provide some detailed analysis of samples and alert data.

In the Downloads section I will provide some custom decoders, scripts, and extraction tools for various obfuscation and encoding techniques I've observed in multiple malware campaigns.

Malware Analysis Blogs