Custom offensive security tools, HTB machines pwned, and challenges solved.
Custom C2 framework: 73 commands, 31 capability modules, MSVC PE64 agent, malleable profiles, cloud transports, JA3 fingerprint bypass, P2P mesh, multi-operator.
Polymorphic EDR evasion generator: MSVC cross-compiled PE64, AES-256-GCM, direct / indirect / HellsGate syscalls, four injection techniques, sleep obfuscation, anti-sandbox, NTDLL unhooking.
AD attack chain automator: 17 modules, persistent credential store, adaptive attack graph engine, goal-seeking chain orchestration, exposed via MCP.
26 scripts (13 modules) covering the full Active Directory attack lifecycle: enumeration, credential access, lateral movement, privilege escalation.
C# / .NET AV evasion payload generator: AMSI / AppLocker / CLM / UAC bypass, Mono and csc.exe compilation, P/Invoke obfuscation.
Automated threat detection and forensics: modular parsers, analyzers, correlators, rule engine, report generation.
Real-time host behavioral forensics agent: 7 detectors, on-host ML, edge analysis, 90%+ log reduction before forwarding.