On the Hunt

Deep dive into malware analysis, threat hunting, blue team defense strategies, and red team techniques

Explore Blog

About Me

Recent Posts

View all

Hunting New C2 Frameworks

May 5, 2026

A look at hunting C2 frameworks in the wild, including identifying a previously unknown C2 framework.

Threat Hunting

Device Code Phishing Campaign — Infrastructure Update

Mar 18, 2026

A follow-up investigation mapping 1,337 phishing URLs across 326 workers.dev hostnames, confirming a PhaaS multi-tenant architecture, encrypted client-side payloads, and new lure variants targeting Adobe, DocuSign, and Outlook branding.

Threat Hunting

Uncovering a New Device Code Phishing Campaign

Mar 10, 2026

Uncovering a phishing campaign abusing Microsoft Device Code Authentication and Cloudflare Worker Pages, with detection hunts for Entra and Microsoft 365.

Threat Hunting

Hunting Malicious NPM Packages with AI

Mar 6, 2026

A look into automating the hunt for malicious NPM packages, using AI for package review.

Threat Hunting

ConsentFix: A New way to Phish for Tokens

Dec 17, 2025

A look at a new phishing campaign, ConsentFix which utilises click-fix style techniques to steal auth tokens.

Threat Hunting