Josh Allman
Josh Allman writes about incident response, malware analysis, threat hunting, vulnerability research, and security research. This site is a personal archive of investigations, technical writing, and build notes shaped by my work in tactical response at Huntress and my independent research. All opinions expressed here are my own and do not reflect those of my employer.
Research Highlights
- Shipping ClipShield, a Browser Extension That Blocks ClickFix and Clipboard Attacks
  A practical dev log on why I built ClipShield, how it detects clipboard attack chains, and why I kept it zero telemetry and open source.
- Inside a Low-Budget Spyware Operation
  A case study on uncovering a low-budget mobile spyware operation, mapping exposed infrastructure, and documenting the operator's mistakes.
- How we got code execution on a government satellite system
  A case study on turning a public lead into command execution on a NOAA polar orbit ingestion system and responsibly disclosing the issue.
From the Archive
- How I found an infinite money bug in a rewards platform
  A business logic case study on finding and bypassing an employee rewards flaw that let points be reclaimed after they were spent.