pavolkluka/README.md

Pavol Kluka

SOC Analyst | Malware & Network Traffic Analysis | Technical Writer


About

SOC analyst focused on malware file triage and malicious network traffic analysis, building scriptable and reproducible workflows on REMnux. I publish detailed analysis walkthroughs on Medium and The Malware Files.

Side project: a Lightning Network-connected PWA for event ticket validation.


Writing

| Article | Domain | Date |
| --- | --- | --- |
| Phorpiex Twizt Botnet: A Network Traffic Analysis | PCAP / Botnet | Feb 2026 |
| Network Traffic Analysis: Lumma Stealer & Payload Reconstruction | PCAP / Stealer | Jan 2026 |
| Network Traffic Analysis: Analyzing StealC V2 Infostealer with RC4 | PCAP / Infostealer | Dec 2025 |
| Multi-Stage SVG: Analyzing a Colombian Court-Themed Malware Campaign with 0% AV Detection | File / SVG / Dropper | Dec 2025 |
| Analysis of phishing email message targeting the Vexl community | Email / Phishing | Jul 2025 |
| Malicious file analysis: Ransomware meeting minutes | File / Ransomware | Jul 2025 |
| Network Traffic Analysis Exercise: How to Deploy a Fake Authenticatoor | PCAP / Fileless | Feb 2025 |
| Network traffic analysis: Koi Loader/Stealer | PCAP / Stealer | Jan 2025 |
| A quick guide to analysing malicious network traffic | PCAP / STRRAT | Aug 2024 |
| Greetings to the diplomats from the Konni RAT family! | File / RAT | Aug 2024 |
| I'm going to show you how Formbook is hidden in a PDF file using AutoIt | File / PDF / AutoIt | Jul 2024 |
| RTF document enriched with feature | File / RTF | Jun 2024 |
| Simple example of malicious document analysis | File / DOC | Jun 2024 |

Projects

| Repository | Description | Stack | Status |
| --- | --- | --- | --- |
| soc-toolkit | Triage scripts and analysis tools for SOC analysts | Bash, Python | In development |
| medium-articles-code | Sample-specific scripts from Medium articles | Bash, Python | In development |
| hydranode-ticket-validator | PWA for QR ticket validation via Lightning Network | React, TypeScript, Tailwind | In development |

Tools I work with

Analysis: REMnux · TShark · Wireshark · Zui · FLARE-FLOSS · CAPA · PortEx Analyzer · Detect It Easy · TrID · ExifTool · Oletools · Didier Stevens Suite · LnkParse3
Threat Intel: VirusTotal · Tria.ge · AlienVault OTX · Malware Bazaar · Malwoverview
Reversing: Ghidra · CyberChef · Binary Ninja
Dev: Python · Bash · React · TypeScript · Tailwind CSS


Support

If you want to support me, you can do so in satoshis over the Lightning Network.

Pay with Hydranode
