Introducing Cyllex - Advanced APT Emulation Framework.
https://t.co/WeF9QBYGcQ
I've been working on this for a while, pouring real effort and love into it. Not a quick release, I'm going step by step, building something solid. Some of the current features include:
▸ APT database with real-world campaign emulation
▸ Cross-platform agents via binary patching
▸ Agent, Agentless (WinRM/SSH), and Cloud execution
▸ Direct shell access for real-time interaction
▸ Interactive MITRE ATT&CK detection coverage tracking
▸ Calendar-based campaign scheduling
▸ Webhook notifications (Slack, Teams...)
▸ Robust TTPs: On-Premise (Windows/Linux), Cloud, and Containers
I'll be sharing updates as the project evolves. Thank you, and happy new year!
New Release Havoc Professional 0.7: K-Noir 🐺
- Linux Implant for x86_64 and AArch64
- Stack Spoofing: Callstack Function Rule System
- Stack Spoofing: CET Compliance and evasion improvements
- New Registry manipulation extension with anti-forensic features
- TCP based channels for direct and p2p communication
- New thread injection and memory allocation techniques via the Inject-kit
- Embedded Python Debug Server into the Havoc Client
And major Quality-of-Life improvements and features for operational use while making it more stable and modular.
Link down below 🔗
Microsoft has addressed a one-click NTLM leak vulnerability affecting Windows Snipping Tool (CVE-2026-33829), discovered by our researcher Marcos Díaz (@Calvaruga).
➡️ Read the write-up: https://t.co/JvMGad5NuI
➡️ Microsoft bulletin: https://t.co/0IbpRxxUY7
[BLOG]
This post demonstrates how to weave evasion tradecraft (using Crystal Palace) into a merged COFF suitable for use as Beacon's sleepmask. It's actually more of an exploration as to whether evasion knowledge in a capability is good or bad (or both).
https://t.co/XrSe6eWJx7
I’ve been grinding hard on AI for the better part of the last 8+ months - learning, building, adapting, and pulling late nights just like so many others right now.
Cutting through the FUD and hype, there is real potential here. Industry-breaking potential. The era we’ve been waiting for - to finally supercharge and develop the tools and platforms we’ve wanted to build for years - is here, and agent assistance is accelerating everything.
With coding agents, I’ve built solid tools and had research breakthroughs that would have taken weeks or months before. These should feel like real wins worth celebrating. But honestly? I don’t feel victorious. In many ways, it just feels necessary to keep pace. As Dave said: adapt or be left behind - and for good reason.
I’m not ready to be left behind. But damn, I’m tired.
I’m tired of constantly reinventing myself. Tired of constantly re-tooling. Tired of the endless cycle of keeping up, the late nights, and the personal sacrifices that come with it. I’ve even lost the desire to share knowledge and research with the community the way I used to. From the conversations I’ve had, I’m far from alone - many others in this space feel the same but don’t necessarily vocalize it outside of smaller circles.
Is it because I see AI purely as a threat? Not really. The offensive side of our industry has been heading this way for a while, and I’ve been moving with it. The truth is, the excitement Dave describes is real - but for me right now, it’s mixed with exhaustion. I’m grateful for the breakthroughs, yet I catch myself wondering how long I can sustain this level of constant reinvention without something giving. The early-2000s energy is back, sure… but so is the burnout that often came with it.
Being a bit older now, with young kids at home, the pace hits differently. I don’t have the same endless energy I once did, and the late nights and constant context-switching carry a heavier weight. Finding balance is tough, but it feels more important than ever. Hopefully we can all figure out how to ride this wave more sustainably - without burning out in the process.
@PromptSlinger @Lares_ Exactly! The SQL injection parallel nails it, except back then you could parameterize your way out. With tool routing there's no clean equivalent, which is what makes it so nasty.
🔥🤖Excited to share a new blog I co-authored with @h4wkst3r and @kulinacs - Automating the Operator: Integrating LLMs into Offensive Security
https://t.co/ju7S8aAhKS
We show how LLMs make offensive work more operationally useful, introduce 2 new MCP servers, and an NTLM relaying Gemini extension POC
Releasing one of my research tools: EVENmonitor🖥️
Inspired by LDAPmonitor, I implemented a monitoring tool for the Windows Event Log in pure Python. You can just attach it via the network and then filter for specific event IDs or keywords.
Available at: https://t.co/TpjEnIW7C0
Cyllex v0.4.0:
604 TTPs across 7 platforms. Full Azure & GCP cloud coverage, Kubernetes & Docker container testing, 4 SIEM integrations, and 21 APT group profiles in the new APT Codex.
Beta is targeting late March / early April. I track progress publicly, you can see exactly where things stand at any point.
One last thing:
thank you. Building this solo takes time, and knowing people are actually following along makes it worth it. Every subscription, every piece of feedback, every message asking about the beta reminds me why I started this in the first place. Genuinely appreciate the support.
#purpleteam #cyllexframework #aptemulation #mitre #attacksimulation
Havoc Professional Finally Released! 🕸️🕷️
Since our last blog post introducing the Havoc Professional framework and the Kaine-Kit, we've been refining the framework behind the scenes.
https://t.co/8tMfbkZVpj
Today is the day and I'm sorry it's been so long, and also provisionally delayed by nearly a week.
https://t.co/LhlcCm01Oo launches today with my Malwareless Adversarial Emulation (MAE) course. If you signed up for the waitlist, you should have received an email.
Spent the weekend working on Cyllex and added a Splunk integration for log correlation. Also added detection events for each TTP. There's still a lot of work ahead, but it's starting to look great! I'll keep working on more integrations.
Thanks to everyone who's been showing interest and supporting the project! :)