CLASSIFIED // DOSSIER
STATUS: ONLINE
IDENTITY

Daniel Grigoriev

Threat hunter and software engineer building custom detection tools, honeypot infrastructure, and malware analysis pipelines.

CURRENT STATUS

ROLE

Threat Hunter & Software Engineer

LOCATION

Tel Aviv, Israel

FOCUS

Deception systems, SPL detection, malware RE

Featured Projects

High-signal work focused on performance, security, and developer experience.

Seek

Rust

Blazingly fast parallel file search with glob/regex support and polished terminal UX.

  • Parallel search engine with robust permission handling
  • Cross-platform releases + Homebrew distribution
  • Designed for speed and clarity at scale

Ether Hunter

Python

Multi-threaded Ethereum wallet exploration tool with real-time stats and clean terminal output.

  • Concurrency-focused execution with resilient API usage
  • Clear telemetry and graceful error handling
  • Strong documentation on cryptographic probability

Graph Voyager

React

Interactive graph visualization for exploring algorithms step-by-step.

  • React + Vite + Tailwind interface
  • Live demo with algorithm execution visuals
  • Educational tooling with strong UX focus

Open Source Contributions

Focused on correctness, fidelity of emulation, and maintainable shell parsing.

Cowrie Honeypot

Upstream Contributor

Released in v2.9.3, PR #2805, PR #2849

  • Improved shell FD redirection parsing, including 2>/dev/null edge cases.
  • Refactored shell parsing modules for clearer output capture and stderr routing.
  • Added extensive unit/integration tests for complex redirection scenarios.

Private Security Tooling

Redacted

Automation and detection infrastructure for sensitive environments, focused on high-signal alerting and operational resilience.

Experience

May 2024 — Present

Threat Hunter & Software Engineer

Israel National Cyber Directorate

  • Built custom honeypot and deception environments.
  • Developed internal tools to accelerate detection workflows.
  • Reverse-engineered malware to extract IOCs and C2 patterns.

Mar 2019 — Oct 2022

Fraud Investigator & Coordinator

MAX

  • Investigated fraud patterns across online and POS channels.
  • Coordinated rapid response to prevent further abuse.
  • Worked with merchants and regulators on AML compliance.

Skills & Certifications

Languages & Development

Python, C, Java, Bash, SQL

Security & Defense

Threat Hunting, Malware RE, Honeypots, Splunk / SPL, Network Forensics

Tools & Platforms

Docker, Kubernetes, AWS, GCP, Linux/Unix, Wireshark

Certifications

  • FOR572 — Advanced Network Forensics
  • FOR610 — Reverse-Engineering Malware
  • CCNA — Cisco Certified Network Associate

Secure Contact

Direct channel available for threat research and engineering work.

PRIMARY CHANNEL

daniel@engin.re