Researching Advanced
Adversarial Tradecraft
Offensive security researcher specializing in tooling, exploit development, and advanced Active Directory tradecraft. Experienced in building complex attack labs, developing custom C2 capabilities in C/C++, and conducting applied security research. Certified across the full OSCE3 track, with a strong foundation in Windows internals, evasive tradecraft, and offensive engineering.
class FlamingoAgent:
def __init__(self):
self.skills = [
"Offensive Security",
"Malware Dev",
"Reverse Engineering"
]
self.certs = ["OSCP", "OSCE3", "CRTO"]
def deploy(self):
return "System Compromised"Featured Projects
A collection of security tools, frameworks, and research I've worked on.
Evasive C2 Framework
PrivateCustom closed-source C2 framework with advanced evasion features. Includes protocol selection (DNS/HTTP(s)), execute-assembly, SOCKS proxy, CS BOF support, AMSI/ETW bypass, and Ekko sleep obfuscation.
Python Security Agent
CTwobe
A proof-of-concept covert channel that weaponizes YouTube's API for command and control, implementing compression-resilient QR video encoding to reliably exfiltrate data and deliver payloads through a platform whitelisted in virtually every enterprise environment.
NetExec MSSQL Modules
Six NetExec modules merged into main for MSSQL link execution, enhancing lateral movement capabilities.
Web App CVE (XSS)
Discovered and reported a Cross-Site Scripting (XSS) vulnerability in a web application.
Nopfuscator
Tool for disassembling x86/x64 shellcode, inserting NOP-equivalent instructions at regular or variable intervals for obfuscation. Supports random NOPs and architecture selection.
Technical Arsenal
A comprehensive set of skills and tools I use to secure and compromise systems.
Offensive Security
- Network Pentesting
- Web App Security
- Active Directory
- Red Teaming
- Evasion Techniques
Development
- Python
- C++
- C#
- x86 Assembly
- C
Tools & Frameworks
- Cobalt Strike
- Sliver
- Metasploit
- Burp Suite
- Ghidra
- IDA Pro