Security Research

Thoughts, writeups, and research on offensive security and evasion.

2025-12-30

Injecting CDP into a Running Edge Browser: A Deep Dive into Runtime Browser Instrumentation

Reverse engineering Microsoft Edge to enable the Chrome DevTools Protocol on a live browser process without a restart, for red team operations.

Red Team, Browser Security, DLL Injection, Reverse Engineering, WinDbg

2025-12-08

Building a RASP: Inside the Application's Mind

A journey into building a Runtime Application Self-Protection (RASP) system for Python from scratch.

RASP, Python, Security, Blue Team

2025-12-07

Evasive C2: The Final Polish

Advanced evasion topics: Beacon Object Files (BOFs) and Ekko Sleep Obfuscation.

Evasion, BOF, Sleep Obfuscation, Ekko

2025-12-06

Evasive C2: In-Memory Execution

Techniques for in-memory execution, including Fork & Run, PPID Spoofing, and Named Pipe redirection.

Weaponization, Process Injection, Donut, .NET

2025-12-05

Evasive C2: Avoiding Hooks

Exploring advanced Windows evasion techniques including Direct/Indirect Syscalls and PEB walking.

Evasion, Syscalls, Windows Internals, C++

2025-12-04

Evasive C2: Talking to our agent

Deep dive into the Communication Layer of C24U, covering HTTP/S, DNS Tunneling, and SOCKS5.

C2, Networking, DNS Tunneling, SOCKS5

2025-12-03

Evasive C2: Why and How

Chronicle of building C24U, a production-grade C2 framework, from scratch.

C2, Malware Dev, Architecture

2025-12-03

CTwobe: Hiding Command & Control in YouTube Traffic

A deep dive into building a covert C2 framework that uses YouTube for command execution and data exfiltration.

C2, Covert Channels, Python, Red Teaming

2025-02-10

My Road to OSCE3: Lessons, Challenges, and Triumphs

My personal experience going from being new to cyber security to OSCE3.

Personal Experience