Home | Ethan Seow
About me
I specialize in advanced EDR evasion, red team tooling, and offensive security research.
Open to full-time offensive security roles
A bit about me
I'm an offensive security researcher based in Singapore, currently pursuing a Bachelor's in Information Security at the Singapore Institute of Technology while working as a Cyber Offensive Intern at softScheck APAC.
I build open-source offensive tooling focused on EDR evasion, C2 infrastructure, and post-exploitation.
I share my research on my blog, where I write about in-memory evasion, tradecraft, etc.
Experience
Where I've worked
Intern – Cyber Offensive
softScheck APAC – Singapore May 2025 – Apr 2026
Specialized in delivering stealth-based red teaming in modern environments with EDR
Communicated red team engagement results to stakeholders and management
Created COSG's playbooks and tools for red teaming operations
Automated deployment of resilient C2 infrastructure
Worked with sales to scope and plan red team proposals
Performed web and network penetration testing
Developed tools to streamline penetration testing processes
Freelance – Cyber Range Development
ASYNC Security Labs – Remote Dec 2024
Deployed cyber ranges with Ansible and Ludus
Designed realistic cyber range scenarios focused on Active Directory attacks
Contract – Offensive Research
Altered Security – Remote Jul – Oct 2024
Research and development on evading enterprise EDRs (Elastic Defend, Microsoft Defender for Endpoint)
Research and development on evading Mark Of The Web (MOTW) for phishing attacks
Research and development on lateral movement in Active Directory while evading EDR
Developed simulated users for realistic training environments
Documented offensive tools and tradecraft for course material
Intern – Attack Simulation Group
Cyber Security Agency of Singapore – Singapore Sep 2021 – Jun 2022
Developed a modular, extensible tool to automate development and generation of evasive shellcode loaders
Developed a shellcode stager to dynamically stage payloads based on endpoint configuration
Presented offensive research titled "Evasion Adventures" at Division Zero (Div0) exploring modern EDR evasion
Projects
Things I've built
I build and maintain open-source offensive security tooling focused on EDR evasion, C2 frameworks, and red team tradecraft. All projects live on my GitHub.
Beacon Object Files (BOFs)
Multiple popular Cobalt Strike Beacon Object Files enhancing the stealth and post-exploitation capabilities of the Beacon implant.
CustomC2ChannelTemplate
Framework for development of custom C2 channels for Cobalt Strike, implemented via IAT hooks independent of the ExternalC2 interface.
OpenMalleableC2
Framework-agnostic library implementing Cobalt Strike's Malleable C2 profile format for HTTP transformations.
Credentials
Certifications
Offensive Security Certified Professional (OSCP) Offensive Security · 2025
Certified Red Team Lead (CRTL) Zero-Point Security · 2025
Web Application Penetration Tester (eWPT) eLearnSecurity · 2026
Certified Azure Red Team Professional (CARTP) Altered Security · 2023
Certified Red Team Operator (CRTO) Zero-Point Security · 2023
Certified Professional Penetration Tester (eCPPT) eLearnSecurity · 2022
HackTheBox ProLabs – Zephyr & RastaLabs HackTheBox · 2024
Offensive Security Wireless Professional (OSWP) Offensive Security · 2018
Education
Bachelor of Science – Information Security Singapore Institute of Technology · 2022–2026
Diploma – Information Security Management Singapore Polytechnic · 2019–2022
Awards
Recognition
PwC Hackaday CTF – 4th Place (2024)
ITSEC Asia Book Prize in Ethical Hacking (2024)
HackTheBox ProLabs – Zephyr, RastaLabs Completion (2024)
WorldSkills Singapore (Cyber Security) – Bronze Medal (2021)
Cyber Defenders Discovery Camp – 3rd Place (2021)
SANS Mixed Disciplines CTF – 6th Place (2020)
YCEP CTF – 2nd Place (2018)
Research
Publications & Talks
Evasion Adventures
Division Zero (Div0) – Singapore
Presented at Division Zero on modern in-memory evasion tradecraft for red teams, exploring techniques to bypass enterprise EDRs while operating with Beacon. Covered live demonstrations, detection logic analysis, and practical evasion strategies for modern defensive stacks.
Contact
Get in touch
I'm currently open to full-time roles in offensive security and red teaming. If you think I'd be a good fit, feel free to reach out.