$ id
uid=1337(armx64) gid=security(researcher) groups=red-team,vapt,osdev,bangladesh
$ cat /etc/passwd | grep armx64
armx64:9+ years in offensive security, VAPT lead, open-source tooler
9+ years breaking things professionally. I lead the VAPT team at Trustaira Limited as Senior Security Engineer, run System00 Security as an independent research org, and write hands-on vulnerability research on Medium.
My work sits at the intersection of red team operations, exploit development, and practical tooling from wireless attack frameworks to abusing image-hosting services as C2 infrastructure.
Pinned articles from armx64.medium.com — all hands-on, no fluff:
| Article | Topic |
|---|---|
| Abusing Image Hosting Service as C2 Server | C2 / Red Team Infrastructure |
| Type Confusion in Adminer → Persistent DoS | Vulnerability Research |
| Chaining CVE-2024-24919 (Check Point LFI) | CVE Exploitation |
| Emergence Without Understanding: LLM Social Network Postmortem | AI / Security Research |
| AI-Powered Phishing: The New Frontier | Offensive AI |
| Creating a Mini C2 with Golang & Flask | Malware Dev / C2 |
- Red Team Operations — OPSEC-aware adversary simulation (CRTO certified)
- Vulnerability Research — CVE discovery, type confusion, LFI chaining, C2 evasion
- AI × Security — Offensive use of LLMs, autonomous agent threat modeling
- Tooling — Maintainable, practical security tools in Python, Go, Bash, C, PHP
