About

I am an application pentester focused on offensive security engineering, C++ security tooling, Windows internals, AppSec, and lab-oriented security research. This blog documents personal research projects, implementation notes, architecture decisions, and lessons learned from building and testing security tooling in controlled environments.

The main thread is Exploration C2, a modular framework used as a lab platform for studying C2 architecture, communication contracts, and tooling workflows. I also write about supporting libraries, PE loading research, OpenShift security graphing, secure code review, and AI-assisted development workflows.

Boundaries

The views, research, and content shared here are my own and do not represent, reflect, or speak for my employer.

All content is published for authorized security research, education, and controlled lab environments only.

For code and project history, see github.com/maxDcb.