Technical blog covering malware analysis, incident response, and security research.https://binaryanalys.is/https://binaryanalys.is/posts/identities_timeline/https://binaryanalys.is/posts/identities_timeline/An update to the Defender Timeline Downloader tool, adding support for Identity (MDI) timelines. This post details the "Skip 9000" pagination algorithm, GZIP compression support, and UI improvements for error handling.Sat, 31 Jan 2026 10:00:00 GMThttps://binaryanalys.is/posts/defender_timeline/https://binaryanalys.is/posts/defender_timeline/A technical deep dive into overcoming Microsoft Defender for Endpoint's 30-day API retention limit. This post details the architecture and authentication mechanisms of a new Go-based tool that automates the extraction of the full six-month timeline data.Tue, 20 Jan 2026 16:38:11 GMThttps://binaryanalys.is/posts/acreed_downloader/https://binaryanalys.is/posts/acreed_downloader/A technical update on Acreed analysis, detailing CAPE Sandbox contributions and a new unified static-dynamic extractor for Amatera.Wed, 31 Dec 2025 00:23:52 GMThttps://binaryanalys.is/posts/welcome/https://binaryanalys.is/posts/welcome/Introduction to this technical blog covering malware analysis and incident response.Sun, 28 Dec 2025 00:00:00 GMThttps://binaryanalys.is/posts/amadey/https://binaryanalys.is/posts/amadey/Deep dive into the Amadey 5 botnet client and its role in a sophisticated cross-platform malware campaign.Mon, 08 Dec 2025 12:00:00 GMThttps://binaryanalys.is/posts/acreed/https://binaryanalys.is/posts/acreed/Deep dive into a sophisticated cross-platform malware campaign leveraging blockchain for C2 resilience.Thu, 16 Oct 2025 12:00:00 GMT