#threat-intel
Everything across writeups and projects that touches this topic.
Projects
builds & tooling
- Python · Deception
  HoneyNet — Modular Honeypot Framework
  SSH, HTTP, and FTP decoy services that log attacker credentials, shell commands, and file probes into a single JSON stream — with real-time coordinated scan detection
- Python · Malware Analysis
  MalDoc Scanner — Static analyzer for malicious Office docs and PDFs
  A Python static analyzer that extracts and scores VBA macros, embedded JavaScript, and IOCs from Office documents and PDFs without ever opening them in a viewer
- Python · Threat Intelligence
  PhishKit Analyzer — Static triage for phishing HTML artifacts
  A static analysis tool that fingerprints phishing kits, identifies credential harvesting forms, detects brand impersonation, and extracts blocklist-ready IOCs from a saved HTML file
