MaxDcb Research
Technical research notes on offensive security engineering, low-level tooling, and security architecture. I write about how security tools are built, how runtime mechanisms behave, how protocols and modules are structured, and how complex systems can be analyzed from an attacker-informed engineering perspective.
The main areas covered here are:
- Offensive security engineering and research methodology.
- C++ security tooling, build systems, module boundaries, and test harnesses.
- Windows internals, PE loading, reflective loading, unwind metadata, and runtime analysis.
- Application security, secure code review, exploitability reasoning, and design review.
- C2 architecture, transport abstractions, message formats, module loading, and operator workflows.
- Kubernetes and OpenShift security modeling, RBAC analysis, and graph-based attack surface mapping.
- LLM agentic workflows for security research, code review, tooling automation, and lab operators.
Boundaries
The views, research, and content shared here are my own and do not represent, reflect, or speak for my employer.
All content is published for authorized security research, education, and controlled lab environments only.
Latest Articles
Building a Modern C2
Exploration C2 0.16: Multi-Arch Windows Builds, ARM64, Donut, CI, and Codex
Technical notes on the 0.16 release: multi-architecture Windows builds, ARM64 support, Donut integration work, CI validation, and Codex-assisted low-level engineering.
- c2
- release-engineering
- arm64
- windows-internals
- ci
- codex
- donut
Building a Modern C2
Building a Modern C2 - Part 4: Modules
How Exploration C2 modules are loaded, executed, unloaded, and shared between TeamServer and beacon implementations.
- c2
- modules
- memorymodule
- beacon
- stealth
- templates
Building a Modern C2
Building a Modern C2 - Part 3: Beacons and Listeners
The shared runtime contract between beacons and listeners, including transport channels, routing, pivoting, and SOCKS support.
- c2
- beacon
- listener
- transports
- smb
- tcp
- socks
Building a Modern C2
Building a Modern C2 - Part 2: GUI
How the Exploration C2 GUI is structured, how it communicates with the TeamServer, and how operator panels fit together.
- c2
- gui
- python
- grpc
- operator-workflows
Building a Modern C2
Building a Modern C2 - Part 1: TeamServer and Architecture
The TeamServer architecture behind Exploration C2: build system, configuration, gRPC, listeners, modules, and SOCKS support.
- c2
- teamserver
- architecture
- grpc
- cmake
- conan
Building a Modern C2
Building a Modern C2 - Part 0: Setup and Basic Usage
A quickstart for running C2TeamServer locally or with Docker and connecting the client and first beacon.
- c2
- setup
- docker
- release
- quickstart
Data: My C2 Agent
How an OpenAI-backed assistant panel became an agent inside the Exploration C2 client.
- c2
- codex
- openai
- agent
- gui
My Journey with Codex
Lessons learned from using Codex on C2Core, module templates, tests, and DNS communication work.
- codex
- c2
- ai-assisted-development
- testing
- templates
Building a Modern C2
Building a Modern C2: Introduction
Introduction and roadmap for the Building a Modern C2 series on Exploration C2.
- c2
- architecture
- authorized-research
- exploration-c2
OpenShiftGrapher: Visualizing and Securing Your OpenShift Cluster
Using graph visualization to map OpenShift resources, identities, policy gaps, and risky relationships.
- openshift
- kubernetes
- neo4j
- graph
- security
DreamWalkers
Research notes on DreamWalkers, a reflective PE loading study with unwind metadata registration, stack behavior analysis, and CLR runtime support.
- windows-internals
- pe-loading
- reflective-loading
- stack-unwinding
- clr