I specialize in exploit and malware development, with a strong focus on APT-style attack simulation and advanced adversary tactics. My work targets complex environments where stealth, persistence, and precision are critical.

I develop custom exploits across web applications, modern browsers, mobile platforms, and much more. With a deep understanding of memory corruption, logic flaws, sandboxing mechanisms, and system internals. From vulnerability research to post-exploitation, I focus on full-chain attacks that reflect the sophistication seen in targeted intrusions.

On the Windows side, I design and implement malware and implants tailored for red team operations, including custom loaders, process injection techniques, C2 communication, and EDR evasion. I prioritize low-level control, modularity, and operational security in all tooling, supporting stealthy persistence and lateral movement across enterprise environments.

My APT-focused methodology includes:

•End-to-end kill chain execution (recon → access → persistence → exfiltration)

•Payload and exploit staging across multiple platforms

•Target-specific malware customization and delivery

•Integration with offensive frameworks (e.g., Cobalt Strike, Mythic, custom loaders)

•Evasion of modern defensive tooling (EDR, AV, logging & monitoring)

📌 Core Competencies:

•Web: Advanced XSS, RCE chains, deserialization, SSRF, CSP bypass

•Browser: V8 & JavaScriptCore exploitation, type confusion, sandbox escapes

•Mobile: iOS/Android reverse engineering, runtime hooking (Frida/Xposed), APK/IPA tampering

•Windows: Shellcode dev, reflective injection, API hooking, AV/EDR evasion, in-memory payloads

•Threat Simulation: APT TTP emulation, operational security (OPSEC), stealthy lateral movement

Whether you’re looking for full-spectrum red teaming, exploit research, or custom malware development, I deliver high-impact offensive capabilities modeled after today’s most advanced threat actors.