Exploration C2 0.16: Multi-Arch Windows Builds, ARM64, Donut, CI, and Codex
Technical notes on the 0.16 release: multi-architecture Windows builds, ARM64 support, Donut integration work, CI validation, and Codex-assisted low-level engineering.
MaxDcb Research
Technical research notes on offensive security engineering, low-level tooling, and security architecture. I write about how security tools are built, how runtime mechanisms behave, how protocols and modules are structured, and how complex systems can be analyzed from an attacker-informed engineering perspective.
The main areas covered here are:
- Offensive security engineering and research methodology.
- C++ security tooling, build systems, module boundaries, and test harnesses.
- Windows internals, PE loading, reflective loading, unwind metadata, and runtime analysis.
- Application security, secure code review, exploitability reasoning, and design review.
- C2 architecture, transport abstractions, message formats, module loading, and operator workflows.
- Kubernetes and OpenShift security modeling, RBAC analysis, and graph-based attack surface mapping.
- LLM agentic workflows for security research, code review, tooling automation, and lab operators.
Boundaries
The views, research, and content shared here are my own and do not represent, reflect, or speak for my employer.
All content is published for authorized security research, education, and controlled lab environments only.
Latest Articles
Building a Modern C2 - Part 4: Modules
How Exploration C2 modules are loaded, executed, unloaded, and shared between TeamServer and beacon implementations.
Building a Modern C2 - Part 3: Beacons and Listeners
The shared runtime contract between beacons and listeners, including transport channels, routing, pivoting, and SOCKS support.
Building a Modern C2 - Part 2: GUI
How the Exploration C2 GUI is structured, how it communicates with the TeamServer, and how operator panels fit together.
Building a Modern C2 - Part 1: TeamServer and Architecture
The TeamServer architecture behind Exploration C2: build system, configuration, gRPC, listeners, modules, and SOCKS support.
Building a Modern C2 - Part 0: Setup and Basic Usage
A quickstart for running C2TeamServer locally or with Docker and connecting the client and first beacon.
Data: My C2 Agent
How an OpenAI-backed assistant panel became an agent inside the Exploration C2 client.
My Journey with Codex
Lessons learned from using Codex on C2Core, module templates, tests, and DNS communication work.
Building a Modern C2: Introduction
Introduction and roadmap for the Building a Modern C2 series on Exploration C2.
OpenShiftGrapher: Visualizing and Securing Your OpenShift Cluster
Using graph visualization to map OpenShift resources, identities, policy gaps, and risky relationships.
DreamWalkers
Research notes on DreamWalkers, a reflective PE loading study with unwind metadata registration, stack behavior analysis, and CLR runtime support.