Willi Ballenthin

@mastodon @github @twitter
Software reverse engineer writing about disassembly, debugging, emulation; programming in Python and Rust; and listening to post-rock and -metal.

blog

projects

capa: malware capabilities
FLOSS: obfuscated strings
python-idb: IDA Pro analysis
python-registry: Registry parser
INDXParse: NTFS artifacts
EVTXtract: EVTX recovery

tweet archive

for posterity, SEO, etc.