Bio
I’m a researcher at Active Countermeasures that ponders one specific question: how to detect C2 frameworks. I approach this problem using a network threat hunting perspective, using Zeek and custom Python tools to detect C2 communication through statistical and fingerprinting techniques. I also build C2 emulation tools in Go, exploring both defensive and offensive perspectives. I’m passionate about teaching, having taught across a range of diverse topics, including malware development.
