Skip to content
Become a sponsor to Nex

My name is Claudio Guarnieri, otherwise known online as Nex. I'm a security researcher, free software developer, human rights advocate and spare time artist. You can find a more comprehensive bio here.

I have founded and led Amnesty International's Security Lab. Over the last decade I primarily worked on researching threats to human rights defenders and helping them stay safe online. Additionally, I develop free software and maintain free services, for individuals at risk as well as fellow security researchers. I also write a personal newsletter where I reflect about security, technology and society.

With your support I will be able to invest more time in producing free and open source content.

Following are some of the projects I have created:

  • Cuckoo Sandbox
    The most popular open source malware analysis sandbox, used by thousands of researchers and organizations around the world.
  • MVT
    MVT is a collection of utilities to simplify the process of gathering forensic evidence from mobile devices, useful to identify potential traces of compromise. Released along with the Pegasus Project.
  • pcqf
    pcqf (PC Quick Forensics) is a little utility to automate the collection of useful forensic artifacts from a Windows computer. It is intended for human rights researchers and technical support working with activists and journalists in order to quickly collect potential evidence of compromise.
  • androidqf
    androidqf (Android Quick Forensics) is a cross-platform utility to automate the process of extracting forensic evidence from Android device. It is intended to be simply used by non-tech savvy users as well to facilitate conducting remote forensics.
  • Viper Framework
    Viper is a framework for binary analysis, clustering, and management. It allows you to quickly triage malicious samples, and extract static information from supported file formats.
  • PhishDetect
    PhishDetect is a project I started and I am currently developing. It's a collection of tools and services to help activists and journalists at risk identify, report and block malicious attacks.
  • Hardentools
    Hardentools is a tool I created to simplify the process of hardening certain settings in Windows to reduce attack surface for at-risk users.
  • Kraken
    Kraken is an advanced Yara scanner. It allows to scan the filesystem, running processes, and autorun entries on Windows, Linux and Mac computers. It is provided with a backend the Kraken agent can report results to.

4 sponsors are funding botherder’s work.


This would help me sustain server costs for free services and websites I run, pay for domain names, etc. ❤️


Featured work

  1. mvt-project/mvt

    MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

    Python 7,711
  2. botherder/pcqf

    pcqf (PC Quick Forensics) helps quickly gathering forensic evidence from Windows, Mac, and Linux systems, in order to identify potential traces of compromise.

  3. botherder/androidqf

    androidqf (Android Quick Forensics) helps quickly gathering forensic evidence from Android devices, in order to identify potential traces of compromise.

  4. cuckoosandbox/cuckoo

    Cuckoo Sandbox is an automated dynamic malware analysis system

    JavaScript 4,983
  5. viper-framework/viper

    Binary analysis and management framework

    Python 1,473
  6. securitywithoutborders/hardentools

    Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.

36% towards $100 per month goal

@medecau @braimee

medecau and 3 others sponsor this goal

Select a tier

$1 a month


Thank you for the 🍪!

$5 a month


Thank you for the coffee ! This will get me going through the open Issues!

$25 a month


I very much appreciate your support! This will help me sustain some of the server and development costs.

$100 a month


Thank you very much! This will give me that motivation boost to get those bugs fixed! ;)