Conjecture on Resource Utilization
February 11, 2019 - In this essay, I describe my conjecture on how humans tend to use resources with a particular focus on how this relates to software.
Analysis of Obfuscated PHP Malware
January 29, 2019 - A partial analysis of some obfuscated PHP.
Profiling And Detecting All Things SSL With JA3
January 2, 2019 - An introduction to a library for fingerprinting SSL clients.
OneMillion API
November 23, 2018 - API to check if a domain is in a list of the one million most visited domains.
Playbook Friday Blogs
October 24, 2018 - Some of my playbooks were featured in ThreatConnect's playbook Friday blogs.
ThreatConnect Open-Source Resources Site
August 16, 2018 - A site listing ThreatConnect's open-source resources.
ThreatConnect DoubleCheck
August 6, 2018 - Library for testing and validating the contents and structure of data in ThreatConnect.
Indicator of Compromise Utility Library
July 30, 2018 - Helpful functions for working with indicators of compromise.
Angular2+ Indicator of Compromise Parser
June 1, 2018 - Angular2+ service for parsing indicators of compromise from text.
Indicator of Compromise Finder
February 5, 2018 - Python package to find Indicators-of-Compromise in text.
XN-Twist
November 5, 2017 - Algorithm and classification system to identify and monitor Unicode domain squats which may used to target an organization.
Indicator of Compromise Fanging/Defanging Library
October 5, 2017 - Standardizing the way indicators are fanged and defanged.
Robtex Python SDK
September 19, 2017 - Python wrapper for the Robtex API.
OneMillion
April 5, 2017 - Check if a domain is in the Alexa or Cisco one million domain lists.
Magento Malware Investigation
December 11, 2016 - Investigation of a magento malware compromise.