About

Welcome to Arch Cloud Labs!

Arch Cloud Labs is a long-running independent security research home lab focused on reverse engineering, vulnerability analysis, malware infrastructure, and offensive tooling.

All work is conducted in the author’s personal capacity and does not reflect the views of any employer.

This site serves as a living portfolio of side projects. Posts range from firmware root cause analysis, malware campaign research, to shellcode tooling, homelab infrastructure and hardware hacking. Each blog post is written with the intent of being a reproducible real-world artifacts with the hopes to inspire others to document their projects.

I’m publishing a bit slower now as I’m currently working on my Doctorate.

For the latest projects head over here.

Talks I’ve Given

• DEF CON 2023 - WINE Pairing with Malware
• DevSecOps Days 2023 - Golfing with Dragons: Building Secure Environments for CTF Competitions
• ATT&CKCON 3.0 2022 - ATT&CKING Containers in The Cloud
• SANS 2021 Blue Team Summit (Lighting Talk) - Living off The Cloud
• DEF CON 2021 - Strace for Binary Analysis
• Interpol Digital Forensics Expert Group (DFEG) 2020 - Down with The Sickness: Hunting COVID-19 Phishing Domains
• Shmoocon 2019 - Weapons of Text Destruction
• DFRWS-EU 2018 - CASE Technical Implementation Workshop
• BSides Roc 2016 - RedOps: Scaling Your Pwnage

Other Notable Mentions

• VX-Underground & SentinelOne: Malware Competition Finalist

• Exploitable Bugs in Cryptocurrency Miners

• (No-CVE) DoS in Radare2 NE file parsing

• (No-CVE) Local Privilege Escalation in Chef <= 12.7 (my first zero day :))

• A mention from the official GCC Twitter account!