Projects and Research

These are some of my latest projects and research I am working on. If you have any question about any of them, email me at

Sucuri CloudProxy (2012-Present)

2012-Present - Work on a different type of WAF (managed security service for web sites). Some details here:

Sucuri Labs (2011-Present)

2011-Present, The goal of the Malware Labs is to share the latest malware samples and domains we are seeing in the wild. We process and parse thousands of compromised and malicious domains every day. It also has links to our latest notes:

Sucuri Malware Labs

URLFind (2012-Present)

2012-Present - A “Internet” scan project to better identify how sites are relating to each other and the usage of outdated software.

Some of our very initial work was published here:

Out of date Software affects sites big and small

And it also lead to the Apache server-status release that affected many top web sites:

Many Apache Web servers put popular websites at risk

PHP Decoder (2012-Present)

2012-Present - We see many types of PHP malware in the wild and we built a PHP decoder to help users decode some of them online (still in beta, but already very useful):

PHP Decoder

Sitecheck Scanner (2008-Present)

2008-Present, The sitecheck scanner was an experimental work developed between 2008/2009 to try to identify anomaly on web sites. This research lead to the creation of Sucuri and our free scanner that is widely used with millions of scans done per month:

Sitecheck Scanner

Old Projects

Some of my old (open source) projects that I am not actively involved anymore.

Quick Links


External Projects