Smaller reports: static + dynamic malware analysis, infrastructure pivoting, detection development, and write-up.
Major investigations like the Arsenal-237 and Zero Trace series: many samples and extensive hunting pivots.
A dedicated, self-built home lab runs the VMs, sandboxes, and tooling for safe analysis — real hardware and operating cost.
None of it is paywalled — the research is more valuable when it reaches defenders directly. But it is not free to produce.
Threat-model reviews, retainer advisory, and custom research scoped to your environment and threat profile — not generic frameworks.
Organizations can sponsor a report, a batch, or monthly — logo placement and a link, with editorial independence non-negotiable.
Every report is original research — hands-on malware analysis, open-directory hunts, and detection engineering, done on personal time and personal resources. Hosting, tooling, and the time to do it right all have real costs. If it's been useful to you or your team, a contribution goes directly toward more of it.
Use whichever platform feels right — every contribution goes directly toward the research.