This is the homepage of Michael Ligh. I am a reverse engineer who specializes in vulnerability research, malware cryptography, and memory forensics. I'm co-founder and CTO of Volexity, a security firm based out of the Washington, D.C. area that specializes in assisting organizations with threat intelligence, incident response, forensics, and trusted security advisory. I'm also a core developer of The Volatility Framework, instructor of Windows Malware and Memory Forensics Training, and Secretary/Treasurer of The Volatility Foundation.
In the past, I've served as a Senior Security Intelligence Engineer at iDEFENSE and Director of Malware Research at Terremark. I've also served as Chief of Special Projects at MNIN Security, where I developed password recovery utilities for Microsoft and conducted large-scale forensic investigations for clients around the world.
Online profiles: You can find more about me on the following sites:
My books: I'm lead author of the following titles:
My blogs: I'm a frequent contributor to these blogs:
My presentations: Talks I've given at Defcon or OMFW:
Malware analysis:: Just a few of the more notorious ones:
Phishing investigations: My research goes back at least 12 years: