Research
MDX-based technical notes and walkthroughs.
Structured for future expansion into deep research posts, walkthroughs, and engineering notes.
Reverse Engineering Obfuscated JavaScript
A workflow for profiling obfuscated JavaScript, simplifying AST structure, recovering behavior, and converting findings into useful defensive output.
Malware Analysis Walkthroughs
A structured workflow for moving from suspicious sample intake to evidence, behavioral conclusions, and defensive output.
IoT Threat Research
Planned research stream covering IoT lab design, protocol analysis, and realistic adversary simulation.
Security Automation Using Python
Planned write-up on shaping Python utilities into reliable triage, enrichment, and analyst-support workflows.
Threat Analysis Contributions
Published malware-analysis contribution references.
Selected threat encyclopedia entries included here as supporting references for malware-analysis and threat-research contributions.
Threat Encyclopedia
BKDR_BINLODR.ZNFJ-A
Backdoor loader reference covering dropper- or web-delivered arrival and its dependency on an additional component to execute correctly.
COINMINER_MALXMR.TIBAFZ-VBS
VBS-assisted coinminer entry documenting delivery through other malware or malicious sites and the follow-on miner execution chain.
JS_NEMUCOD.THEADAH
JavaScript Nemucod trojan reference describing malicious-site delivery, dropped components, and registry-related system changes.
COINMINER_MALXMR.TIBAFZ
Coinminer analysis reference focused on dropper- or web-based delivery with persistence-oriented host modifications during execution.
TROJ_DLOADER.VSNTK
Downloader trojan entry outlining malicious-site delivery and parameter-driven retrieval of remote payloads in a staged infection chain.
VBS_DLOADER.TIFOEBR
VBS downloader reference covering malicious-site delivery, saved payload staging, and execution of downloaded files from roaming-profile storage.
Trojan.JS.MANAGEX.A
Modular JavaScript adware-trojan entry centered on browser-extension-based information gathering and dropped Chromium extension artifacts.
Coinminer.Win32.MALXMR.SMBM4
Windows coinminer reference describing malicious-site delivery and registry changes used to hide files during miner deployment.
Worm.VBS.DUNIHI.TVV
VBS worm reference documenting dropper- or web-based arrival with follow-on filesystem and registry activity during propagation.