# Home | Ethan Seow

{% stepper %}
{% step %}

### About me

I specialize in advanced EDR evasion, red team tooling, and offensive security research.

[Read my blog](https://codex-7.gitbook.io/) [GitHub](https://github.com/CodeXTF2) [Get in touch](#contact)

Open to full-time offensive security roles

#### A bit about me

I'm an offensive security researcher based in Singapore, currently pursuing a Bachelor's in Information Security at the Singapore Institute of Technology while working as a Cyber Offensive Intern at softScheck APAC.

I build open-source offensive tooling focused on EDR evasion, C2 infrastructure, and post-exploitation.

I share my research on my [blog](https://codex-7.gitbook.io/), where I write about in-memory evasion, tradecraft, and related topics.
{% endstep %}

{% step %}

### Experience

#### Where I've worked

**Intern — Cyber Offensive**

softScheck APAC — Singapore\
May 2025 – Apr 2026

* Specialized in delivering stealth-based red teaming in modern environments with EDR
* Communicated red team engagement results to stakeholders and management
* Created COSG's playbooks and tools for red teaming operations
* Automated deployment of resilient C2 infrastructure
* Worked with sales to scope and plan red team proposals
* Performed web and network penetration testing
* Developed tools to streamline penetration testing processes

**Freelance — Cyber Range Development**

ASYNC Security Labs — Remote\
Dec 2024

* Deployed cyber ranges with Ansible and Ludus
* Designed realistic cyber range scenarios focused on Active Directory attacks

**Contract — Offensive Research**

Altered Security — Remote\
Jul – Oct 2024

* Research and development on evading enterprise EDRs (Elastic Defend, Microsoft Defender for Endpoint)
* Research and development on evading Mark of the Web (MOTW) for phishing attacks
* Research and development on lateral movement in Active Directory while evading EDR
* Developed simulated users for realistic training environments
* Documented offensive tools and tradecraft for course material

**Intern — Attack Simulation Group**

Cyber Security Agency of Singapore — Singapore\
Sep 2021 – Jun 2022

* Developed a modular, extensible tool to automate development and generation of evasive shellcode loaders
* Developed a shellcode stager to dynamically stage payloads based on endpoint configuration
* Presented offensive research titled "Evasion Adventures" at Division Zero (Div0) exploring modern EDR evasion
{% endstep %}

{% step %}

### Projects

#### Things I've built

I build and maintain open-source offensive security tooling focused on EDR evasion, C2 frameworks, and red team tradecraft. All projects live on [my GitHub](https://github.com/CodeXTF2).

* [GitHub](https://github.com/CodeXTF2/WindowSpy)

  Beacon Object Files (BOFs)

  Multiple popular Cobalt Strike Beacon Object Files enhancing the stealth and post-exploitation capabilities of the Beacon implant.
* [GitHub](https://github.com/CodeXTF2/CustomC2ChannelTemplate)

  CustomC2ChannelTemplate

  Framework for development of custom C2 channels for Cobalt Strike, implemented via IAT hooks independent of the ExternalC2 interface.
* [GitHub](https://github.com/CodeXTF2/OpenMalleableC2)

  OpenMalleableC2

  Framework-agnostic library implementing Cobalt Strike's Malleable C2 profile format for HTTP transformations.

[View more on GitHub](https://github.com/CodeXTF2)
{% endstep %}

{% step %}

### Credentials

#### Certifications

* Offensive Security Certified Professional (OSCP)\
  Offensive Security · 2025
* Certified Red Team Lead (CRTL)\
  Zero-Point Security · 2025
* Web Application Penetration Tester (eWPT)\
  eLearnSecurity · 2026
* Certified Azure Red Team Professional (CARTP)\
  Altered Security · 2023
* Certified Red Team Operator (CRTO)\
  Zero-Point Security · 2023
* Certified Professional Penetration Tester (eCPPT)\
  eLearnSecurity · 2022
* HackTheBox ProLabs — Zephyr & RastaLabs\
  HackTheBox · 2024
* Offensive Security Wireless Professional (OSWP)\
  Offensive Security · 2018

#### Education

* Bachelor of Science — Information Security\
  Singapore Institute of Technology · 2022–2026
* Diploma — Information Security Management\
  Singapore Polytechnic · 2019–2022
{% endstep %}

{% step %}

### Awards

#### Recognition

* PwC Hackaday CTF — 4th Place (2024)
* ITSEC Asia Book Prize in Ethical Hacking (2024)
* HackTheBox ProLabs — Zephyr, RastaLabs Completion (2024)
* WorldSkills Singapore (Cyber Security) — Bronze Medal (2021)
* Cyber Defenders Discovery Camp — 3rd Place (2021)
* SANS Mixed Disciplines CTF — 6th Place (2020)
* YCEP CTF — 2nd Place (2018)
{% endstep %}

{% step %}

### Research

#### Publications & Talks

**Evasion Adventures**

Division Zero (Div0) — Singapore

Presented at Division Zero on modern in-memory evasion tradecraft for red teams, exploring techniques to bypass enterprise EDRs while operating with Beacon. Covered live demonstrations, detection logic analysis, and practical evasion strategies for modern defensive stacks.

[Read more on my blog](https://codex-7.gitbook.io/)
{% endstep %}

{% step %}

### Contact

#### Get in touch

I'm currently open to full-time roles in offensive security and red teaming. If you think I'd be a good fit, feel free to reach out.

<ethanseowyh@gmail.com>

[Blog](https://codex-7.gitbook.io/) [GitHub](https://github.com/CodeXTF2) [LinkedIn](https://www.linkedin.com/in/3th4n-530w/)
{% endstep %}
{% endstepper %}


