English
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어
codex_tf2's profile picture. advanced persistent clown 🤡 📕 redteam blog: http://codex-7.gitbook.io 🛠️ github: http://github.com/CodeXTF2

CodeX

@codex_tf2

advanced persistent clown 🤡 📕 redteam blog: http://codex-7.gitbook.io 🛠️ github: http://github.com/CodeXTF2

924Posts 2KFollowers 213Following
You might like
Pinned
codex_tf2's profile picture.
CodeX
 @codex_tf2
May 13, 2022

[Pin] My maldev link dump if anyone else wants to read :D (Will be updated) raw.githubusercontent.com/CodeXTF2/malde…

1
9
24
15
0
codex_tf2's profile picture.
CodeX
 @codex_tf2
Nov 25

Added my ICMP, NTP and Websocket C2 channel examples to the public repo. github.com/CodeXTF2/Custo… Also accompanying blog post explaining the template: codex-7.gitbook.io/codexs-termina… pls no flame bad code :D Websocket channel in action:

2
25
143
65
6K
codex_tf2's profile picture.
CodeX
 @codex_tf2
Nov 23

Added a few more example C2 channels to the Cobalt Strike custom c2 channel template on top of the existing file read/write PoC: - named pipe - TCP - UDP github.com/CodeXTF2/Custo…

1
15
99
49
5K
codex_tf2's profile picture.
CodeX
 @codex_tf2
Nov 22

Open sourced my template code for implementing custom C2 channels via a UDRL hook in Cobalt Strike Hopefully this makes developing custom c2 channels for CS easier, because externalC2 spec is a pain. Or just use the upcoming UDC2 interface /shrug github.com/CodeXTF2/Custo…

codex_tf2's tweet card. Contribute to CodeXTF2/CustomC2ChannelTemplate development by creating an account on GitHub.
GitHub - CodeXTF2/CustomC2ChannelTemplate
Source: github.com
3
12
81
56
5K
codex_tf2's profile picture.
CodeX
 @codex_tf2
Nov 21

Been using @_RastaMouse 's crystal kit as a UDRL dev template for the past few days and did quite a few cool things, among them was implementing a custom c2 channel template (in this case, PoC using files on disk as the channel) using IAT hooks on the wininet functions

codex_tf2's tweet image. Been using @_RastaMouse 's crystal kit as a UDRL dev template for the past few days and did quite a few cool things, among them was implementing a custom c2 channel template (in this case, PoC using files on disk as the channel) using IAT hooks on the wininet functions
3
16
119
43
7K
codex_tf2's profile picture.
CodeX
 @codex_tf2
Aug 2

mfw hashcat v7 b4 gta6

hashcat's profile picture. cat, zcat, bzcat, netcat ... ?
hashcat
 @hashcat
Aug 1

hashcat v7.0.0 released! After nearly 3 years of development and over 900,000 lines of code changed, this is easily the largest release we have ever had. Detailed writeup is available here: hashcat.net/forum/thread-1…

hashcat's tweet image. hashcat v7.0.0 released! After nearly 3 years of development and over 900,000 lines of code changed, this is easily the largest release we have ever had. Detailed writeup is available here: hashcat.net/forum/thread-1…
22
376
1K
272
77K
0
0
7
0
475
CodeX reposted
C5pider's profile picture.
5pider
@C5pider
Jul 9

Introducing Havoc Professional: A Lethal Presence We’re excited to share a first look at Havoc Professional, a next-generation, highly modular Command and Control framework, and Kaine-kit our fully Position Independent Code agent engineered for stealth! infinitycurve.org/blog/introduct…

C5pider's tweet card. An introduction to Havoc Professional and Kaine-kit, exploring the advanced features and capabilities that make them lucrative for modern security professionals.
Havoc Professional: A Lethal Presence
Source: infinitycurve.org
57
186
743
213
66K
codex_tf2's profile picture.
CodeX
 @codex_tf2
Jun 28

average day as an aggressorscript victim

codex_tf2's tweet image. average day as an aggressorscript victim
1
1
24
1
2K
CodeX reposted
C5pider's profile picture.
5pider
@C5pider
Jun 25

ah interesting

5
1
54
5
4K
CodeX reposted
SEKTOR7net's profile picture.
SEKTOR7 Institute
@SEKTOR7net
Jun 19

Swimming deep inside Windows Security Center service to re-engineer API access allowing to disable Windows Defender. COM interface reconstruction and integrity checks bypassed to inform WD that its not the-boss-in-the-house anymore... A post by @es3n1n. Nicely done! Repo:…

SEKTOR7net's tweet image. Swimming deep inside Windows Security Center service to re-engineer API access allowing to disable Windows Defender. COM interface reconstruction and integrity checks bypassed to inform WD that its not the-boss-in-the-house anymore... A post by @es3n1n. Nicely done! Repo:…
2
32
138
79
6K
CodeX reposted
trickster012's profile picture.
trickster0
 @trickster012
Jun 21

This is my research project in creating read, write and allocate primitives that can be turned into an injection in order to evade certain telemetry which I presented last year in RedTreat. I hope everyone likes it \m/. trickster0.github.io/posts/Primitiv…

6
93
264
150
32K
CodeX reposted
C5pider's profile picture.
5pider
@C5pider
Jun 9

Truly excited for the upcoming workshop. Covering modern ransomware evasion & detection and also implementing your own ransomware/decryptor for Windows, MacOS and Linux. See you soon! 👻

C5pider's tweet image. Truly excited for the upcoming workshop. Covering modern ransomware evasion & detection and also implementing your own ransomware/decryptor for Windows, MacOS and Linux. See you soon! 👻
C5pider's tweet image. Truly excited for the upcoming workshop. Covering modern ransomware evasion & detection and also implementing your own ransomware/decryptor for Windows, MacOS and Linux. See you soon! 👻
rad9800's profile picture. irrational. founder. building solutions to secure organizations. @deceptiq_
Rad
@rad9800
Jun 9

Looking forward to running the ransomware workshop at @x33fcon this week with @C5pider. Some teasers of what to expect, with some painstakingly crafted slides 🙃

rad9800's tweet image. Looking forward to running the ransomware workshop at @x33fcon this week with @C5pider. Some teasers of what to expect, with some painstakingly crafted slides 🙃
rad9800's tweet image. Looking forward to running the ransomware workshop at @x33fcon this week with @C5pider. Some teasers of what to expect, with some painstakingly crafted slides 🙃
rad9800's tweet image. Looking forward to running the ransomware workshop at @x33fcon this week with @C5pider. Some teasers of what to expect, with some painstakingly crafted slides 🙃
3
6
78
18
40K
7
38
329
108
26K
CodeX reposted
kyleavery's profile picture.
Kyle Avery
@kyleavery
May 22

So excited to speak at #BHUSA for the first time this year! I'll talk about training LLMs on verifiable tasks (including what exactly that means) with a case study automating some maldev work.

7
6
68
13
15K
CodeX reposted
M_alphaaa's profile picture.
Matt Ehrnschwender
 @M_alphaaa
May 30

I'm finally releasing a project that I've been working on for a little while now. Here's Boflink, a linker for Beacon Object Files. github.com/MEhrn00/boflink Supporting blog post about it. blog.cybershenanigans.space/posts/boflink-…

6
64
207
107
19K
CodeX reposted
_logangoins's profile picture.
Logan Goins
 @_logangoins
May 23

I'm super happy to announce an operationally weaponized version of @YuG0rd's BadSuccessor in .NET format! With a minimum of "CreateChild" privileges over any OU it allows for automatic escalation to Domain Admin (DA). Enjoy your inline .NET execution! github.com/logangoins/Sha…

_logangoins's tweet card. SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai. - logangoins/SharpSuccessor
GitHub - logangoins/SharpSuccessor: SharpSuccessor is a .NET Proof of Concept (POC) for fully...
Source: github.com
7
168
441
210
33K
CodeX reposted
rad9800's profile picture.
Rad
@rad9800
May 22

Learn to evade and strengthen security controls by building your own ransomware. For a teaser on what to expect, check out my talk 'Windows Ransomware Detection' youtu.be/5t67BFcC-MQ Excited to have y'all join us next month.

rad9800's tweet card. OnlyMalware: Windows Ransomware Detection

youtube.com

YouTube

OnlyMalware: Windows Ransomware Detection

Source: youtube.com
x33fcon's profile picture. When Red meets Blue... The very first security conference for Purple Teams on the planet
/ˈziːf-kɒn/
@x33fcon
May 21

🛠️Join @rad9800 and @C5pider for onsite-only workshop at #x33fcon! Build a fully functional ransomware prototype and uncover the mechanics behind this persistent threat. Learn file encryption, stealth tactics, and how to bypass anti-ransomware tools, with a deep dive into Windows…

x33fcon's tweet image. 🛠️Join @rad9800 and @C5pider for onsite-only workshop at #x33fcon! Build a fully functional ransomware prototype and uncover the mechanics behind this persistent threat. Learn file encryption, stealth tactics, and how to bypass anti-ransomware tools, with a deep dive into Windows…
1
9
50
9
11K
2
12
60
26
7K
codex_tf2's profile picture.
CodeX
 @codex_tf2
May 19

a certain certification vendor must be fuming right now

codex_tf2's tweet image. a certain certification vendor must be fuming right now
20
70
1K
257
49K
CodeX reposted
volatility's profile picture.
volatility
 @volatility
May 16

We are very excited to announce that Volatility 3 has reached parity with Volatility 2! With this achievement, Volatility 2 is now deprecated. See the full details in our blog post: volatilityfoundation.org/announcing-the…

volatility's tweet card. Visit the post for more.
Announcing the Official Parity Release of Volatility 3!
Source: volatilityfoundation.org
3
157
355
51
54K
codex_tf2's profile picture.
CodeX
 @codex_tf2
May 18

wtf bro has a larger bounty than john wick 😭

codex_tf2's tweet image. wtf bro has a larger bounty than john wick 😭
codex_tf2's tweet image. wtf bro has a larger bounty than john wick 😭
0
0
10
0
811
CodeX reposted
yudasm_'s profile picture.
Yehuda Smirnov
 @yudasm_
May 16

What if you skipped VirtualAlloc, skipped WriteProcessMemory and still got code execution? We explored process injection using nothing but thread context. Full write-up + PoCs: blog.fndsec.net/2025/05/16/the…

yudasm_'s tweet card. What happens when you skip memory allocation, skip writing, and weaponize thread context alone? This post explores a new class of process injection that lives entirely in the execution layer — no a…
New Process Injection Class: The CONTEXT-Only Attack Surface
Source: blog.fndsec.net
6
78
222
156
14K
vxunderground's profile picture. The largest collection of malware source code, samples, and papers on the internet. Password: infected

vx-underground

@vxunderground
C5pider's profile picture. developer at (REDACTED) and @InfinityXCurve

5pider

@C5pider
_RastaMouse's profile picture. Be kind, be brave, be principled.

Rasta Mouse

@_RastaMouse
HackingLZ's profile picture. CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars

Justin Elze

@HackingLZ
rad9800's profile picture. irrational. founder. building solutions to secure organizations. @deceptiq_

Rad

@rad9800
ShitSecure's profile picture. Pentesting, scripting, pwning!

S3cur3Th1sSh1t

@ShitSecure
ippsec's profile picture.

ippsec

@ippsec
chompie1337's profile picture. hacker, weird machine mechanic, X-Force Offensive Research (XOR)

chompie

@chompie1337
passthehashbrwn's profile picture. Adversarial Simulation at IBM, tweets are mine etc.

Josh

@passthehashbrwn
Dinosn's profile picture. Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3

Nicolas Krassas

@Dinosn
CyberWarship's profile picture. Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98M

Florian Hansemann

@CyberWarship
snovvcrash's profile picture. Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣

sn🥶vvcr💥sh

@snovvcrash
mariuszbit's profile picture. 🔴 Operator, Initial Access afficionado, Researcher, ex-AV engine developer, ex-Malware analyst 🦋 @mgeeky.bsky.social 🫖 green tea lover

mgeeky | Mariusz Banach

@mariuszbit
_xpn_'s profile picture. Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOllCEu | Insta at https://t.co/PqR6CZPwjl

Adam Chester 🏴‍☠️

@_xpn_
0gtweet's profile picture. My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-

Grzegorz Tworek

@0gtweet
vysecurity's profile picture. Director, Red Team, Offensive Security. Help organizations safeguard their businesses from the bad guys.

Vincent Yiu

@vysecurity
KlezVirus's profile picture. Independent Cyber Security Researcher - Opinions are my own

klez

@KlezVirus
an0n_r0's profile picture. CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺

an0n

@an0n_r0
SEKTOR7net's profile picture. Homo Aptus. Vincit qui se vincit - Publilius Syrus. Consulting, Training, Technology, Cyber domain, and more... @x33fcon founder.

SEKTOR7 Institute

@SEKTOR7net
HackingDave's profile picture. Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Pod. God + Family/Hacker/CSO/USMC/Intel/Fitness. Make the world a better place.

Dave Kennedy

@HackingDave
Teach2Breach's profile picture. MALicious softWARE

K̵i̵r̵k̵ ̵T̵r̵y̵c̵h̵e̵l̵

@Teach2Breach
infosecnoodle's profile picture.

noodlearms

@infosecnoodle
cobaltstrikebot's profile picture. I drink and I look for Cobalt Strike.

cobaltstrikebot 🌻

@cobaltstrikebot
ssamat's profile picture. President, Android Ecosystem @Google

Sameer Samat

@ssamat
WuWei113's profile picture. My name Wei. Chinese international student in US. study engineer and web3. finance. macroecon. I bring much justice and wisdom. 爱美国的中国人. Sponsor by @rainbetcom

Wei Wu 吴伟

@WuWei113
M_alphaaa's profile picture. Security person who likes writing code

Matt Ehrnschwender

@M_alphaaa
AppSec_Village's profile picture. AppSec Village @DEFCON & @RSAConference A volunteer-run, non-profit focused on education, awareness, and community. Founded by @erezyalon and @tzionit411.

AppSec Village

@AppSec_Village
cryignsadign's profile picture. idk why i created this acc

sadddddd

@cryignsadign
DaWouw's profile picture. Offensive Developer && Red Teamer @ Outflank

Dima

@DaWouw
Altoid0day's profile picture. Security Engineering @ something blue | Professional Bottleneck dev | Cyber competition enjoyer

Altoid0

@Altoid0day
0xTriboulet's profile picture. Unsafe Researcher | Tweets are my own

Steve S.

@0xTriboulet
BinaryFaultline's profile picture.

Josh Hawkins

@BinaryFaultline
shawnwillden's profile picture. Tech Lead for Android hardware-backed security subsystems. Thoughts are my own, not Google's.

Shawn Willden

@shawnwillden
StarRailMen's profile picture. ✨ Your daily dose of #HonkaiStarRail men!

Daily HSR Men 💫

@StarRailMen
dailyGImen's profile picture. 🌈 #原神: Collect them all! #GenshinImpact 🍡 Genshin merch: https://t.co/qCGBpTJ8Uq

Daily Genshin Men 💫

@dailyGImen
honkaistarrail's profile picture. Honkai: Star Rail, a HoYoverse space fantasy RPG #HonkaiStarRail YouTube: https://t.co/aQZpKkPMCx Instagram: https://t.co/784j2ATMLN

Honkai: Star Rail

@honkaistarrail
BLUECOW009's profile picture. creator: SuperPrompt ⟨ψ,ψ⟩ = 1 /// prompt god ///

@bluecow 🐮(schizo)

@BLUECOW009
G0ldenGunSec's profile picture. Adversary Simulation @xforce/ Frequent reader of the first page of Google results / Occasional reader of the second page of Google results

Dave Cossa

@G0ldenGunSec
s_3r_0's profile picture.

Sero

@s_3r_0
Bobfree_'s profile picture. 1/2 🚲 enjoyer, Taiko Donder

Bobfree

@Bobfree_
the_bit_diddler's profile picture.

sinusoid

@the_bit_diddler
Octoberfest73's profile picture. Red Team | Offensive Tool Dev | OSCP | OSEP

Octoberfest7

@Octoberfest73
N4k3dTurtl3's profile picture. I drink and I hack things

NA

@N4k3dTurtl3
kabinet01's profile picture. noob in cybersecurity | cloud security enthusiast | ctf player

kabinet

@kabinet01
RedTeamTactics's profile picture. Outsmart, Outmaneuver, Redefine the Tactics blog 👉 https://t.co/jBrypEoM7c learn 👉 https://t.co/llylzGEs0D

RedTeamTacticsAcademy

@RedTeamTactics
szymex73's profile picture. CTFs & 🎶🎮 | Capturing 🚩 with @justCatTheFish | @szymex73@infosec.exchange / @szy.bsky.social

szymex73

@szymex73
ch1gg1ns's profile picture. @Mandiant @GoogleCloud

Chris Higgins

@ch1gg1ns
ExodusGhost's profile picture. Darknet Diaries Ep: 70/ Ex black hat. Threat hunter. Freelance writer and OSINTer. #OpChildSafety Join us on Telegram: https://t.co/N5hOUkCynY

GhostExodus.org

@ExodusGhost
the_secret_club's profile picture. secret club is a not-for-profit reverse-engineering group; publishing new research on popular software. No ads, no cookies, just research.

secret club

@the_secret_club
Jhaddix's profile picture. CEO, CISO, Trainer, Hacker, and Speaker. Cybersecurity + Hacking + AI + Sec Leadership @arcanuminfosec

JS0N Haddix

@Jhaddix
DrAzureAD's profile picture. Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)

Dr. Nestori Syynimaa

@DrAzureAD
d_tranman's profile picture. salsa sultan, verde villain, condiment connoisseur Adversary Simulation @xforce Red Team @wrccdc Former: @NationalCCDC+@wrccdc & @globalcptc @calpolyswift

Dylan Tran

@d_tranman
Geiseric4's profile picture. AD/Azure Enthusiast | eCPPTv2 | CRTP | CRTO | CRTE | CRTM | CARTP https://t.co/yYy84cNFPw

Geiseric

@Geiseric4
bri5ee's profile picture. Detection Engineering & IR | Red Team @wrccdc | OSCP, CRTO, CARTP | Prev @globalcptc @wrccdc competitor @calpolyswift | Prev @anduriltech

bri5ee

@bri5ee
FabrePierrejean's profile picture. Web and mobile pentester. i like everything related to web hacking!! some CTF are harder than many real web app!! i use arch btw

Fabre Pierre-jean

@FabrePierrejean
ustayready's profile picture. Targeted Ops Red Team @ TrustedSec | Hacking since Renegade BBS backdoors | Prior CrowdStrike/BHIS | In Christ's grip | Fighter for truth | K1HAQ

Mike Felch (Stay Ready)

@ustayready
inversecos's profile picture. founder & hacker @xintraorg 🌎

inversecos

@inversecos
_Mayyhem's profile picture. Senior Security Researcher @SpecterOps https://t.co/Sz5fRYkX6u

Chris Thompson

@_Mayyhem
The___Undergrad's profile picture.

Zach Fleming

@The___Undergrad
pentest_swissky's profile picture. RedTeam | Pentest Author of PayloadsAllTheThings & SSRFmap https://t.co/w1ZLRqoafG

Swissky

@pentest_swissky
mubix's profile picture. Dad / Husband / Marine / Student / Teacher / @Hak5 / @NoVAHackers / @SiliconHBO / @NationalCCDC / @MARFORCYBER Auxiliary

Rob Fuller

@mubix
DragoQcc's profile picture. Adversary Simulation @SpecterOps

DragoQCC

@DragoQcc
your_b1gbroth3r's profile picture. I'd take a header off the Bridge of Nations just to brush arms with ya

James Curbow

@your_b1gbroth3r
Her0_IT's profile picture. Devid Lana. @aptortellini Red Team Lead

Her0

@Her0_IT
RedTeamEric1's profile picture. Red Teamer. Code hacker, Security Engineer, and OSINT user. Arch Linux and Tron fanatic!! My opinions do not reflect my employers.

INT 80h

@RedTeamEric1
fortraofficial's profile picture. Fortra offers security solutions covering the full attack chain, using AI, real-time detection, and offensive tactics to prevent and disrupt advanced threats.

Fortra

@fortraofficial
gatariee's profile picture. 19 • opinions are my own

gatari

@gatariee
meterpretered's profile picture. MalDev - Offensive Security Researcher - I post occasional infosec stuff and drama

Kabuto

@meterpretered
_nwodtuhs's profile picture. Trying to hack the way we hack things 🏴‍☠️

Charlie Bromberg « Shutdown »

@_nwodtuhs

United States Trends

You might like

Something went wrong.


Something went wrong.