Skip to content
View JoyGhoshs's full-sized avatar
🇧🇩
Bangladeshi
🇧🇩
Bangladeshi
186 followers · 0 following

Achievements

Achievement: YOLOAchievement: Pull Sharkx2Achievement: Starstruckx2Achievement: Arctic Code Vault Contributor

Achievements

Achievement: YOLOAchievement: Pull Sharkx2Achievement: Starstruckx2Achievement: Arctic Code Vault Contributor

Highlights

Block or report JoyGhoshs

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
joyghoshs/README.md

Abdur Rahman Maheer

armx64 · Senior Security Engineer · Vulnerability Researcher · Builder

GitHub followers Medium Location Profile Views

whoami

$ id
uid=1337(armx64) gid=security(researcher) groups=red-team,vapt,osdev,bangladesh

$ cat /etc/passwd | grep armx64
armx64:9+ years in offensive security, VAPT lead, open-source tooler

9+ years breaking things professionally. I lead the VAPT team at Trustaira Limited as Senior Security Engineer, run System00 Security as an independent research org, and write hands-on vulnerability research on Medium.

My work sits at the intersection of red team operations, exploit development, and practical tooling from wireless attack frameworks to abusing image-hosting services as C2 infrastructure.

Research & Writing

Pinned articles from armx64.medium.com — all hands-on, no fluff:

Article Topic
Abusing Image Hosting Service as C2 Server C2 / Red Team Infrastructure
Type Confusion in Adminer → Persistent DoS Vulnerability Research
Chaining CVE-2024-24919 (Check Point LFI) CVE Exploitation
Emergence Without Understanding: LLM Social Network Postmortem AI / Security Research
AI-Powered Phishing: The New Frontier Offensive AI
Creating a Mini C2 with Golang & Flask Malware Dev / C2

Current Focus

  • Red Team Operations — OPSEC-aware adversary simulation (CRTO certified)
  • Vulnerability Research — CVE discovery, type confusion, LFI chaining, C2 evasion
  • AI × Security — Offensive use of LLMs, autonomous agent threat modeling
  • Tooling — Maintainable, practical security tools in Python, Go, Bash, C, PHP

Stack

Python Go Bash C PHP Linux

Pinned Loading

  1. ctf-challenges ctf-challenges Public

    CAPTURE THE FLAG CHALLENGES

    PHP 2

  2. HayaGuard HayaGuard Public

    Forked from System00-Security/HayaGuard

    Privacy-focused Facebook client with on-device ML content filtering, tracker blocking, and feed analytics.

    Kotlin 1

  3. ImgBB-c2 ImgBB-c2 Public

    Serverless C2 POC which Uses ImgBB as C2 Server & Transmitting command and recivng data

    Go 1

  4. EtherSRCPull EtherSRCPull Public

    pulls eth contract source from etherscan

    Python 1

  5. PenNoteAI PenNoteAI Public

    An Obsidian plugin that acts as an agentic AI assistant for penetration testing notes — it searches the web, crawls sources, and writes verified findings directly into your vault.

    TypeScript 1 1

  6. System00-Security/Ghost-Key System00-Security/Ghost-Key Public

    Android Bluetooth HID Emulation Framework

    Kotlin 3