About Me


Hello, world;

Welcome to my blog! I’m a passionate programmer with a keen interest in malware development and red team operations. My goal is to specialise in malware development, either as part of a team of security researchers or as a malware specialist on a sophisticated red team.

This blog is my personal knowledge base, a place where I can keep track of my progress and share some cool stuff I’ve been working on. Whether you’re new to this field or you’ve been around the block a few times, I hope you’ll find something interesting or useful here.

Feel free to check out my GitHub and YouTube channel, where I share my own projects and material. I’m excited to contribute my unique content to the cybersecurity community.

Modern malware development is increasingly adopting Rust and Go, primarily because they are currently difficult to decompile accurately and offer capabilities comparable to C and C++. Rust, in particular, offers significant advantages such as improved ergonomics and memory safety, making it a superior choice over C and C++ as we progress through the mid-2020s. Rust’s Foreign Function Interface allows full interoperability with C libraries, eliminating the need to rewrite C-based frameworks. Its robustness against memory errors makes Rust an excellent platform for malware authors, ensuring the reliability of offensive engagements, whether lawful or criminal.

By advancing my skills in malware development using Rust and Go, I aspire to be at the forefront of combating cybercriminal activities with subject matter expertise in this rapidly evolving area.

Highlights

See my blog post highlights below:

  1. Hells Gate Rust - EDR Evasion with syscalls
  2. EDR Evasion ETW patching in Rust
  3. Remote process DLL injection in Rust
  4. An introduction to adversary emulation with a dotnet stealer and a Go c2 server
  5. Str Crypter - Payload string encryption with Rust
  6. Sanctum EDR (Introduction post) - a Rust EDR proof of concept I am building

Contact and Collaboration

I am always open to connecting with fellow cybersecurity professionals. Whether you have a project idea, need collaboration, or just want to discuss the latest trends in malware development, feel free to reach out. You can contact me via my Twitter, or email me at fluxsec@proton.me. I am more than happy to collaborate; however, I will only respond to legitimate, legal, and ethical requests. No exceptions: we are here on this planet to leave it a better place than we found it.

Any content posted here is for ethical purposes only. I do not condone the use of offensive cyber security for any purpose which breaks the law or harms others, and I do not condone or permit any user to take learning or code samples from this blog and use them for illegal or ethically questionable activity. This blog is strictly for educational purposes, and for the furthering of my own knowledge.

You may NOT under any circumstance use any code, theory, or information from my blog in a manner which is illegal, unethical or that harms any living being. You may not use any code or information from this blog to do anything on a system that you do not have the full explicit permission of the system owner to do. I cannot be held responsible for the actions of others who consume this information. I post these blogs specifically to help encourage and motivate people to learn offensive cyber security for the greater good of society and our cyber defences. I am also blogging to document my growth and to consolidate learning.

Why do I like offensive security? In my opinion it significantly enhances defensive security strategies over time. Think about it: offensive cyber provides invaluable insights into the mindset, techniques, and tools used by attackers, enabling us to anticipate and counteract potential threats more effectively. By understanding the vulnerabilities and attack vectors that the big bads exploit, we can proactively identify and fortify weaknesses in our systems before they are compromised. It also allows for the development of more robust and resilient security architectures, policies, and response protocols.