INDEPENDENT RESEARCH & CONSULTING BY MATTHEW KIRKLAND
Decoding threats.
Engineering defenses.
I am an independent security researcher, threat investigator, and systems developer. I specialize in deep-telemetry malware C2 tracking, binary triage, and reverse engineering. Separately, I engineer high-performance systems and structures for technical SEO.
Core Expertise
Security & Threat Research
Threat Intel & OSINT
Tracking advanced threat actors, dissecting campaigns, compiling detection matrices, and publishing threat OSINT at derp.ca.
Reverse Engineering
Developing custom MCP servers for Ghidra, Radare2, and ILSpy to enable AI-agent binary triage, alongside RogueBinary.com labs.
DNS Telemetry & Research
Analyzing DNS threat telemetry, mapping domain reputation matrices, and conducting threat research under specialized external contracts for domainintelligence.uk and ADAMnetworks.
Secure IT & Managed Services
Securing, architecting, and managing robust IT environments, commercial networks, and security infrastructure under external contract for Nerds On Site.
Core Expertise
Technical SEO
Technical SEO & Systems
Optimizing large-scale crawl structures, engineering high-performance search visibility, and managing technical SEO systems at ylx.ca. This is a separate, dedicated systems practice focused strictly on organic discovery and crawl optimization.
Operational Focus
Direct execution, zero theater
I operate as a fully independent security researcher, threat investigator, and systems developer. I don't run an agency, and I don't employ staff. When you work with me, you get direct, unfiltered access to my technical expertise and deep telemetry.
My professional practice is strictly contract-based. I collaborate as an external expert with high-impact platforms, serving as a Security Researcher for ADAMnetworks to analyze threat telemetry and investigate malware behavior, and for domainintelligence.uk on DNS reputation mapping and telemetry tracking. Additionally, I partner with Nerds On Site to secure, architect, and manage corporate IT environments and commercial networks.
In my independent labs, I design and run original threat-hunting platforms and security systems. This includes Derp.ca (my public daily malware command-and-control tracker), RogueBinary.com (my advanced threat hunting and automated malware analysis laboratory), my YARA Rules repository, and my suite of custom open-source Model Context Protocol (MCP) servers for Ghidra, Radare2, and ILSpy.
Separately, I run YLX.ca, a high-performance technical SEO venture. This represents a completely distinct area of focus where I apply similar systems-engineering discipline: analyzing raw crawl logs, optimizing server rendering paths, and engineering scale-resilient organic discovery pipelines.
Across both disciplines, I am completely hands-on. Whether I am dissecting an active botnet loader or profiling a search crawler's behavior, there is no consulting theater or management overhead. I write the pipelines, analyze the data, and execute the work directly.
Contact & Connect
Get in touch