Skip to content
View Arrbat's full-sized avatar
πŸ’­
Open for work
πŸ’­
Open for work
3 followers · 2 following

Achievements

Achievement: YOLOAchievement: QuickdrawAchievement: Pull Shark

Achievements

Achievement: YOLOAchievement: QuickdrawAchievement: Pull Shark

Block or report Arrbat

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Arrbat/README.md

Hi there! πŸ‘‹

TL;DR: Malware Analyst/Reverse Engineer/Security Researcher

πŸ”­ What I do

  • Write complete projects with maintainable code, documentation and features
  • Research malware, write reports and solve crackmes
  • Trying myself in new technologies, frameworks, tools or/and programming languages

⭐ Projects (pinned)

  • PE Packer β€” ChaCha20-Poly1305, HKDF, anti-debug, process hollowing.
  • BlackCat Research β€” longitudinal analysis 2021–2023, MITRE mapping, 3 YARA rules etc.
  • Nector β€” network triage analyzer for malware traffic extraction.
  • Multiple Malware Reports including written detection rules and tools (like deobfuscator...)

🧰 Skills

  • Reverse engineering: Binary Ninja/Ghidra, x64dbg (x32dbg). Mainly x86/x64
  • Languages: C / C++ (strong), Python (automation)
  • Malware triage: procmon, fakeNet, Wireshark; YARA, Sigma
  • Crypto: Strong knowledge (f.e. ChaCha20/Poly1305, SHA256, HKDF) (theory + implementation skills)
  • (As a additional hobby) Embedded engineering: STM32 and Cortex-M overall, Misra C 2012 standard knowledge

Languages

  • Ukrainian β€” Native
  • Russian β€” Native
  • English β€” B2
  • Polish β€” B1

Contact

Discord: @arrbat

Email: w5ab0hvt4@mozmail.com

Pinned Loading

  1. Veil-Forge Veil-Forge Public

    CLI tool for shielding your app from static and dynamic analysis

    C 5 3

  2. MALWARE_ANALYSIS MALWARE_ANALYSIS Public

    Repository describes behavior of some malwares in detailed reports. There are reports and if needed - custom YARA (or other) rules, scripts etc.

    YARA 1

  3. Nector Nector Public

    Nector (Network inspector) is a tool for both static and dynamic analysis of real and possible network behaviour designed for malware analysis.

    C++

  4. CTF_AND_CRACKMES_WRITEUPS CTF_AND_CRACKMES_WRITEUPS Public

    My solved crackmes and CTF challenges with provided solutions and custom scripts if needed

    Python 1