Hey, I’m Mike - a Threat Researcher with 20+ years in IT and InfoSec, rooted in network engineering and systems administration. I’ve been fascinated by computers since the mid-90s, and today I channel that into building open source tools that help defenders do their jobs better.

What your sponsorship supports:

I maintain a growing portfolio of open source security projects and some of them aren’t free to run.

Security Detections MCP
is an AI-powered detection coverage intelligence platform serving 8,700+ detections across Sigma, Splunk, Elastic, KQL, Sublime, and CrowdStrike. It costs real money to keep online — hosting, database, and AI inference all add up. Your sponsorship directly helps keep it running and accessible to the community.

Beyond that, I contribute to and maintain projects across the defensive security ecosystem:

Atomic Red Team — Core contributor to the community’s go-to library of MITRE ATT&CK detection tests
LOLDrivers — Living Off The Land Drivers, a curated database of vulnerable and malicious drivers
sysmon-dfir — The original Sysmon resource for detection and DFIR
PowerShell-Hunter — Hunting tools for defenders
NEBULA — Interactive framework for testing WMI, COM, LOLBAS, and persistence techniques
ClickGrab — Finding ClickFix and FakeCAPTCHA in the wild
ASRGEN — Attack Surface Reduction configurator and testing
Bootloaders — Curated list of malicious bootloaders
ShellSweep, ADTrapper, MSIXBuilder, NPM-Threat-Emulation, and more

Where the money goes:

Infrastructure first - hosting, compute, and API costs for Security Detections MCP and other projects. Anything beyond that gets reinvested into the community. I’m committed to transparency on how funds are used.

The goal hasn’t changed: empower defenders to detect more, hunt smarter, and close gaps before the adversary finds them.