Constellation: Clustering Nihilistic Violent Extremist Telegram Networks
How Constellation collects Telegram accounts, channels and groups, stores them as a normalised relational record, and ingests them into a Neo4j property graph. Supports the intelligence techniques of pivoting and clustering, to assist investigation into nihilistic violent extremist groups operating out of The Com.
Jun 19, 2026
Black Hat USA 2024: From Doxing to Doorstep - Exposing Privacy Intrusion Techniques used by Hackers for Extortion
Doxing was initially a practice for undermining hackers' online anonymity by 'dropping docs' but has evolved into a tool used for real-world extortion, employing violence-as-a-service tactics. Read this detailed blog post on the research I presented at Black Hat USA 2024.
Aug 8, 2024
Black Hat USA 2024: Interviews with Extorters 'Ego' and 'Reiko'
Read the full transcripts of my interviews with threat actors involved in doxing for extortion. This includes 'Ego', a member of the notorious doxing gang ViLE, and 'Reiko' a system administrator and developer of the largest online doxing community, Doxbin.
Aug 7, 2024
Crabby's Credential Stuffing: Australian Account Takeovers in 2024
In January 2024, breaking headlines were made, with commentary from Prime Minister Anthony Albanese, that 50+ major Australian brands had customer accounts compromised through credential stuffing attacks. This article provides threat attribution, and detailed research on the adversaries involved.
May 20, 2024