hypnguyen1209

Offensive security toolkit for Claude Code covering red team, exploit dev, AD attacks, EDR bypass, mobile pentest

Shellcode development — PIC techniques, PEB walking, API hashing, null-byte avoidance, encoders, loaders, PE-to-shellcode conversion, cross-platform shellcode

Modern initial access techniques — phishing, payload delivery, HTML smuggling, ISO/IMG bypass, supply chain attacks, credential stuffing, exposed service exploitation

Offensive security toolkit for Claude Code covering red team, exploit dev, AD attacks, EDR bypass, mobile pentest

Network penetration testing — lateral movement, pivoting, protocol attacks, traffic interception, Active Directory exploitation, wireless attacks

Linux privilege escalation — SUID/SGID abuse, kernel exploits, capabilities, sudo misconfig, cron jobs, writable paths, container escape

Proactive threat hunting, IOC extraction, MITRE ATT&CK mapping, behavioral anomaly detection, log analysis correlation

Expert-level source code security auditing — taint analysis, memory safety, injection classes, auth flaws, crypto weaknesses, concurrency bugs, supply chain risks

Offensive security toolkit for Claude Code covering red team, exploit dev, AD attacks, EDR bypass, mobile pentest

Advanced software engineering — systems programming, exploit development tooling, automation scripting, network programming, cryptography implementation

Cryptographic assessment — cipher identification, TLS auditing, hash analysis, key strength evaluation, side-channel detection, crypto implementation review

EDR/AV bypass — hook unhooking, direct/indirect syscalls, PPID spoofing, process injection, AMSI bypass, ETW patching, memory encryption, behavioral evasion

PoC development, payload crafting, shellcode generation, ROP chains, heap exploitation, bypass techniques for modern mitigations (ASLR, DEP, CFI, stack canaries)

IR playbook execution — evidence collection, timeline analysis, memory forensics, disk forensics, containment strategies, post-incident reporting

Static/dynamic malware analysis, YARA rules, sandbox evasion detection, behavioral profiling, unpacking, anti-analysis bypass

Mobile application penetration testing — Android/iOS static/dynamic analysis, Frida instrumentation, SSL pinning bypass, root/jailbreak detection bypass, deep-link abuse, exported components, insecure storage, biometric bypass

Full red team engagement — initial access, persistence, privilege escalation, defense evasion, C2 infrastructure, EDR bypass, living-off-the-land

Binary analysis, disassembly, decompilation, firmware RE, protocol reverse engineering, anti-reversing bypass, malware unpacking

Active Directory penetration testing — BloodHound enumeration, Kerberos attacks (Kerberoasting, AS-REP, Golden/Silver Ticket), NTLM relay, DCSync, lateral movement, domain dominance

AI/ML security assessment — prompt injection, jailbreak detection, RAG poisoning, model extraction, adversarial examples, supply chain risks in ML pipelines

Cloud penetration testing — AWS/Azure/GCP privilege escalation, container escape, Kubernetes attacks, serverless exploitation, IaC misconfigurations

Windows privilege escalation — token abuse, service exploitation, UAC bypass, credential harvesting, AD escalation paths

Comprehensive reconnaissance and OSINT — subdomain enumeration, CVE lookup, breach intelligence, DNS history, social profiling, attack surface mapping

Full-spectrum web application penetration testing — OWASP Top 10, API security, authentication attacks, business logic, WAF bypass, race conditions

Offensive security toolkit for Claude Code covering red team, exploit dev, AD attacks, EDR bypass, mobile pentest