# Red Team Dev

- [Extending Havoc C2](/codexs-terminal-window/red-team/red-team-dev/extending-havoc-c2.md): Blog series where I try to explain the third party interfaces in @C5pider's Havoc C2
- [Third Party Agents](/codexs-terminal-window/red-team/red-team-dev/extending-havoc-c2/third-party-agents.md)
- [1: Understanding the interface](/codexs-terminal-window/red-team/red-team-dev/extending-havoc-c2/third-party-agents/1-understanding-the-interface.md)
- [2: Writing the agent](/codexs-terminal-window/red-team/red-team-dev/extending-havoc-c2/third-party-agents/2-writing-the-agent.md)
- [3: Writing the agent handler](/codexs-terminal-window/red-team/red-team-dev/extending-havoc-c2/third-party-agents/3-writing-the-agent-handler.md)
- [4: Testing the agent](/codexs-terminal-window/red-team/red-team-dev/extending-havoc-c2/third-party-agents/4-testing-the-agent.md)
- [Loader Dev](/codexs-terminal-window/red-team/red-team-dev/loader-dev.md): CreateRemoteThread()
- [In Memory OPSEC](/codexs-terminal-window/red-team/red-team-dev/loader-dev/in-memory-opsec.md)
- [PE Structures](/codexs-terminal-window/red-team/red-team-dev/loader-dev/in-memory-opsec/pe-structures.md)
- [Memory Permissions and Allocation Types](/codexs-terminal-window/red-team/red-team-dev/loader-dev/in-memory-opsec/memory-permissions-and-allocation-types.md)
- [In Memory Signatures](/codexs-terminal-window/red-team/red-team-dev/loader-dev/in-memory-opsec/in-memory-signatures.md)
- [Evasion Adventures](/codexs-terminal-window/red-team/red-team-dev/loader-dev/evasion-adventures.md): Talk I gave on in memory evasion and memory OPSEC.
- [Sleep masking](/codexs-terminal-window/red-team/red-team-dev/loader-dev/sleep-masking.md): Because sometimes set sleep\_mask "true"; isnt enough
- [Mimikatz vs Windows Defender](/codexs-terminal-window/red-team/red-team-dev/loader-dev/mimikatz-vs-windows-defender.md): Ever wanted to drop Mimikatz to disk during an engagement? Probably not. Lets do it anyways!
- [Indirect syscalls](/codexs-terminal-window/red-team/red-team-dev/loader-dev/indirect-syscalls.md): Referenced from: https://www.cobaltstrike.com/blog/writing-beacon-object-files-flexible-stealthy-and-compatible/