bugz

A security-focused researcher exploring defensive and offensive security to secure systems, companies and people. Starting out in malware analysis, with expertise in vulnerability management.

Coming Soon
DFIR, Red, Blue, Vuln Mgmnt, Threat Intel, Malware Research

Core Interests

Areas of focus

Defensive & Offensive Security

Playing both sides of the security chess game. I break things to understand how to protect them better. Penetration testing isn't just about finding holes—it's about thinking like an attacker while building defenses that actually hold up. Red team tactics inform blue team strategies. The best defenders have spent time on offense, and I'm learning both languages fluently.

DFIR (Digital Forensics & Incident Response)

Digital archaeology meets crisis management. When systems get compromised, I dig through the rubble to reconstruct what happened, how they got in, and what they touched. Memory dumps, timeline analysis, artifact hunting—piecing together the attack story from digital breadcrumbs. The goal isn't just understanding the past incident, it's preventing the next one.

Malware Analysis & Reverse Engineering

Deconstructing malicious code to understand the adversary's playbook. Still early in the journey, but fascinated by static analysis, behavioral profiling, and sandbox detonation. Every malware sample tells a story—who built it, what it wants, how it hides. Learning to read assembly, debug binaries, and extract IOCs. The more you understand the weapon, the better you can defend against it.

Vulnerability Management & Cloud Security

Currently deep in Microsoft Defender and Sentinel, building KQL hunting queries that actually catch threats before they spread. Exploring Amazon Inspector for cloud vulnerability assessment. It's not just about scanning and patching—it's about understanding risk context, prioritizing what matters, and automating the boring parts. Modern attacks target cloud misconfigurations as much as software bugs, so the battleground has shifted.

Research Output

Published work and open source contributions

Detection Rules

KQL Queries (coming soon)

Proactive threat hunting queries for Sentinel covering emerging attack patterns

Technical Writeups

Coming Soon

In-depth analysis of threat campaigns and defensive techniques

Open Source

GitHub Repos

Security tools, scripts, and automation frameworks