Hi there — I'm OJ.

I love security, and this site is where I learn in public. Breaking down incidents, building forensics workflows, dabbling in some malware analysis. This is mostly notes I wish I had and notes I will continue to refer to.

New here? My best work →

latestanalysis•2/8/2026

LinaStealer Unity NSIS Electron Loader: Multi-Stage Infostealer Campaign Analysis

Multi-stage loader analysis abusing Unity + NSIS + Electron to deliver a Brotli-compressed infostealer payload.

Recent

notes1/2/2026

PCAP Analysis Using tshark For Some Malware

playbook2/4/2026

Email Threat Analysis: Reviewing Attachments Safely

Short updates while things are still fresh.

featuredPRVIEW • projectopen app →

Browser-based phishing email analysis: import .eml or raw source, parse headers/body, extract URLs, and export a clean summary. Mostly for my own use, but it's handy.

Some things stay as notes. Some turn into deep dives. Want to explore more?

Notes

Personal security notes. How I reason through problems, break down incidents, and connect ideas as I learn.

→

Analysis

Deep dives into malware, phishing campaigns, and attacker tradecraft. Focused on how things behave at runtime and what defenders can actually detect.

→

Playbooks

Repeatable scripts and workflows I actually use, with the reasoning behind when to run them.

→

Say hi: me⁠@⁠heyosj.com •
LinkedIn•X•GitHub