Research

Projects

• Botnet tracking and infiltration
• Data mining threat intel
• Graph databases applications for RE
• Vulnerability Hunting / Analysis
• Automated malware processing pipelines for dynamic and static analysis

Code

A variety of code is available on my GitHub account, here are a few projects:

• IDATaco plugin for importing Cuckoo metadata into IDA Pro
• PyNetSim internet / malware cnc simulator

Papers / Presentations

• The State of Web Exploit Toolkits, Blackhat USA 2012 Whitepaper Slides
• ASERT’s DDoS Malware Corral, ArbSec / InfoSec Southwest 2013 / RedSky Threat Day
• Recent Advancements in DDoS Malware, Usenix LEET ‘13
• A Survey of Fuzzy Hashing Algorithms, Usenix Security ‘13 Poster
• BladeRunner: Adventures in Tracking Botnets, BotConf ‘13 / AusCERT 2014
• PIN-point Control for Analyzing Malware REcon 2014
• Reversing on the Edge: Traversing the paths for using GraphDBs in RE, REcon 2014 with Jasiel Spelman
• Tasty Malware Analysis with T.A.C.O.: Bringing Cuckoo Reports into IDA Pro, Ruxcon 2015
• Tasty Malware Analysis with T.A.C.O.: Bringing Cuckoo Reports into IDA Pro, Ruxcon 2015 / FIRST 2016
• PyNetSim: A modern INetSim replacement FIRST 2017