Alan Neilan's blog of random stuff™
Alan Neilan
Security Researcher
Blog: aneilan.github.io
LinkedIn: https://www.linkedin.com/in/alan-neilan-4a271a158/
Massachusetts, United States
Summary
Passionate and driven Security Researcher with hands-on experience in threat intelligence, phishing detection, malware analysis, and attacker infrastructure takedown. Strong track record in proactive hunting, community-driven threat mitigation, and incident analysis. Known for deep independent research, public advocacy, and actionable intelligence sharing. Adept at bridging technical execution with human-centric security insights.
Experience
Threat Analyst
WMC Global | Jan 2022 - Oct 2024
- Executed high-volume phishing site and malicious phone number takedowns for global brands, directly reducing consumer harm. Targeted brands included T-Mobile, Bank of America, and Citibank.
- Maintained and enriched a threat classification system, resulting in improved URL detection accuracy.
- Identified and removed bogus and unroutable phishing sites.
- Removed false positives for legitimate link shorteners that were being incorrectly tagged as malicious.
- Maintained and improved internal abuse contact repositories to streamline escalation and remediation workflows. Utilized social media, personal contacts, and other means to locate correct points of contact for takedown notices.
- Collaborated with external providers to dismantle attacker infrastructure at scale. This included working directly with Cloudflare, Hostinger, and Namecheap.
- Identified phishing kits and submitted them to the internal threat intelligence system.
Helpdesk Analyst / Security Analyst
Steward Health Care Systems | Jul 2018 - Jan 2022
- Delivered first-tier support for a large healthcare workforce, resolving access and connectivity issues.
- Served as key liaison between Helpdesk and Security Engineering teams to fast-track security-focused escalations.
- Discovered and initiated a migration plan for legacy systems with deprecated software, significantly hardening internal security posture.
- Triaged VPN, SSO, and content filtering issues; managed token deployment and investigated access anomalies.
Security Researcher
Independent | 2016 - Present
- Discovered, analyzed, and deobfuscated phishing kits, with artifacts shared across public threat repositories and CTI channels.
- Conducted targeted infrastructure mapping and collaborated with CTI teams on coordinated takedown campaigns.
- Authored technical blogs on phishing kit behaviors, infrastructure trends, and privacy guidance.
- Reported multiple real-world data exposures and vulnerable assets to affected organizations.
- Recognized with the President’s Volunteer Service Award (2023) for contributions to public cybersecurity.
Education
Bridgewater State University (Spring ’14 - Spring ’17)
Major: Communications | Minor: Computer Science
Lincoln Technical Institute (Oct 2010 - Sep 2011)
Diploma Program: Computer Networking & Security
Skills
- OS: Linux, Windows
- Threat Tools: Splunk (active use), Zendesk (active use), OSINT
- Infra & Dev: Docker, Containers, VMware, Vagrant, Packer
- Packaging: RPM builds with Mock
- Soft Skills: Public Speaking, Cross-team Collaboration, Knowledge Transfer
Publications & Speaking
- Podcast - Layer 8 Podcast, Ep. 94: “The Phishing Kit Hunter”
- Talks - “Moby Dick: Stories of Going After Phishing Attacks”
- Research cited by multiple cybersecurity vendors, blogs, and podcasts.