Aleksandar Milenkoski

Educational Outreach

Articles

From Narrative to Knowledge Graph | LLM-Driven Information Extraction in Cyber Threat Intelligence

Aleksandar Milenkoski, Razvan Gabriel Cirstea

Web

Exploring the VirusTotal Dataset | An Analyst’s Guide to Effective Threat Research

Aleksandar Milenkoski, Jose Luis Sánchez Martínez (VirusTotal)

Web

11 Problems ChatGPT Can Solve For Reverse Engineers and Malware Analysts

Aleksandar Milenkoski, Phil Stokes

Web

Positions

Adjunct Lecturer

Baden-Württemberg Cooperative State University Mosbach, Germany

Adjunct Lecturer

Department of Mathematics and Informatics, University of Würzburg, Germany

Workshops

Advanced Threat Hunting: Automating Large-Scale Operations with LLMs

LabsCon 2025 Conference, USA

Get Your Cyber Threat Intel On!

Luxembourg Tech School, Luxembourg

Insight into Windows Internals

TROOPERS 2018/2019/2020 Conferences, Germany

Windows Internals

German Federal Office for Information Security, Germany

Repositories

Windows Insight

The content of this repository aims to assist efforts on analysing inner working principles, functionalities, and properties of the Microsoft Windows operating system. This repository stores relevant documentation as well as executable files needed for conducting analysis studies. Some of the content of this repository has been created in the course of a project named 'Studie zu Systemaufbau, Protokollierung, Härtung und Sicherheitsfunktionen in Windows 10 (SiSyPHuS Win10)' (ger.) - 'Study of system design, logging, hardening, and security functions in Windows 10' (eng.). This project has been contracted by the German Federal Office for Information Security. The work planned as part of the project is conducted by ERNW GmbH, starting in May 2017.

View on GitHub →

hInjector

hInjector is a customizable framework for injecting hypercall attacks during regular operation of a partially or fully paravirtualized guest virtual machine in a Xen-based environment.

View on GitHub →