A malware analysis platform built in Rust
Updated Apr 21, 2026 - Rust
A comprehensive integration solution connecting MISP threat intelligence with Wazuh security monitoring for real-time threat detection. This project provides step-by-step instructions for deploying, configuring, and integrating MISP and Wazuh with Sysmon to automatically detect indicators of compromise (IoCs) in your environment.
Extract useful information from PANOS support file for CVE-2024-3400
A Python-based static analysis tool that inspects PDF internal structure to detect malicious JavaScript, obfuscated streams, embedded payloads, and indicators of compromise using object & stream level parsing inspired by pdfid, pdf-parser, peepdf, and qpdf methodologies.
A comprehensive collection of security log analysis projects and methodologies for detecting threats, credential abuse, and advanced persistent threats (APTs) in enterprise environments. Features detailed forensic investigations of large-scale Windows Security Event Logs using Python-based data analytics and behavioral pattern recognition.
Windows Event Log Analysis — Incident Response Simulation using Event Viewer (Alfido Tech Task 4)
Lightweight log scanner to flag brute-force attempts and high-volume hostile IP activity.
Executive phishing email analysis for VitalCare Health Solutions – includes header inspection, BEC indicators, SPF/DKIM/DMARC checks, malicious attachment & URL analysis, and a stakeholder-ready executive report with findings, impact, and recommendations.
Rust crates for physical memory forensics — LiME, AVML, crash dump, hiberfil.sys parsing; Linux/Windows kernel struct analysis; process, network, credential extraction.