deathflamingo.com
Cybersecurity Researcher & Developer

Researching Advanced
Adversarial Tradecraft

Offensive security researcher specializing in tooling, exploit development, and advanced Active Directory tradecraft. Experienced in building complex attack labs, developing custom C2 capabilities in C/C++, and conducting applied security research. Certified across the full OSCE3 track, with a strong foundation in Windows internals, evasive tradecraft, and offensive engineering.

Featured Projects

A collection of security tools, frameworks, and research I've worked on.

Evasive C2 Framework

Private

Custom closed-source C2 framework with advanced evasion features. Includes protocol selection (DNS/HTTP(s)), execute-assembly, SOCKS proxy, CS BOF support, AMSI/ETW bypass, and Ekko sleep obfuscation.

C++C#EvasionC2Malware Dev
Read Blog

Python Security Agent

Flask-based security agent applying function-level hooks defined in YAML or learned via behavioral analysis. Prevents unauthorized file access, subprocess execution, and SQL injection by limiting table access.

PythonFlaskSecurityHooking
Read BlogGitHub

CTwobe

A proof-of-concept covert channel that weaponizes YouTube's API for command and control, implementing compression-resilient QR video encoding to reliably exfiltrate data and deliver payloads through a platform whitelisted in virtually every enterprise environment.

PythonYouTube APISteganographyC2
Read BlogGitHub

NetExec MSSQL Modules

Six NetExec modules merged into main for MSSQL link execution, enhancing lateral movement capabilities.

PythonNetExecMSSQLPentesting
GitHub

Web App CVE (XSS)

Discovered and reported a Cross-Site Scripting (XSS) vulnerability in a web application.

Bug BountyWeb SecurityXSSCVE
GitHub

Nopfuscator

Tool for disassembling x86/x64 shellcode, inserting NOP-equivalent instructions at regular or variable intervals for obfuscation. Supports random NOPs and architecture selection.

PythonShellcodeObfuscationAssembly
GitHub

Technical Arsenal

A comprehensive set of skills and tools I use to secure and compromise systems.

Offensive Security

  • Network Pentesting
  • Web App Security
  • Active Directory
  • Red Teaming
  • Evasion Techniques

Development

  • Python
  • C++
  • C#
  • x86 Assembly
  • C

Tools & Frameworks

  • Cobalt Strike
  • Sliver
  • Metasploit
  • Burp Suite
  • Ghidra
  • IDA Pro

Education

Master's in Cyber Security

Monash University

Expected Graduation: 2026

B.Tech in Computer Science

Vellore Institute of Technology

Graduated

Certifications

OSCP
OSEP
OSWE
OSED
OSCE3
CRTO
CRTP
CPTS