I do security engineering and automation, threat analysis and research – both defensive and offensive side. I’m a fan of opensource.

You can reach me by email, here is my PGP key.

References

Here I collect some mentions and references (sometimes unattributed) of my work over time for fun purposes in no particular order:

1. Path traversal in pastebinit project: https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-016649.html
2. A note in Checkmarx and OWASP Go Secure Coding Practices about ServeMux and CONNECT HTTP method.
3. TheHive’s Cortex analyzers in Go: http://docs.thehive-project.org/resources/Keynotes/Botconf%202018/Instructions%20%26%20Slides/TLP-WHITE-Botconf2018-WS3-MISP_TheHive_Cortex.pdf#page=43
4. Python library remote-virtualbox as a part of a dockerized Cuckoo Sandbox system: https://projekter.aau.dk/projekter/files/320572089/10012020_Tarik_Muhovic_NDS_Master_Thesis.pdf#page=55
5. Offensive Dockerfiles (also here): https://www.slideshare.net/GlenndevaliasGrant/gophers-whales-and-clouds-oh-my#19
6. Python script that converts volatility’s timeline to Timesketch-friendly CSV file: https://youtu.be/3Y7VjuIFXlo?t=4008
7. Dockerfile for Timesketch: https://www.thedigitalforensics.com/incident-response/archives/07-2019