Tag: DFIR

14 Malware Samples, 289 Tools, and What I Learned Building an AI-Driven Analysis Platform
When I first started building what would become Arkana, I had one question: could it actually handle real malware? Not toy samples or contrived demos — proper, nasty, in-the-wild stuff that would give a seasoned analyst a headache. So I threw 14 different samples at it and let it loose. Here’s what happened. The Test…

From PeMCP to Arkana: 289 Tools, One AI-Driven Malware Analysis Platform
Back in October, I introduced a couple of tools I’d been building — ProcmonMCP and the PeMCP Toolkit. If you read that post, you’ll know the whole thing started from a simple frustration: spending far too many hours manually sifting through binary analysis data, knowing the answer was right there if only I could get…

A Better Way to Analyse: Introducing My New Tools, ProcmonMCP & the PeMCP Toolkit
If you’ve ever worked in digital forensics or malware analysis, you know the feeling. You’re staring at a screen, buried under a mountain of data. It might be a Procmon trace with millions of events, or a packed executable that refuses to give up its secrets. I’ve lost count of the hours I’ve spent manually…

HTB Certified Defensive Security Analyst — Done!
I’m very pleased to say I’ve passed the Hack The Box Certified Defensive Security Analyst (CDSA) exam. This one was a proper challenge. Unlike the GFACT and GSEC, which are largely theory-based with multiple choice questions, the CDSA is entirely hands-on. There are no multiple choice questions at all. You’re dropped into a live environment…