██╗ ██╗ ██████╗ ██╗██████╗
██║ ██║██╔═══██╗██║██╔══██╗
██║ ██║██║ ██║██║██║ ██║
╚██╗ ██╔╝██║ ██║██║██║ ██║
╚████╔╝ ╚██████╔╝██║██████╔╝
╚═══╝ ╚═════╝ ╚═╝╚═════╝
Security Researcher · Reverse Engineer · Bug Bounty Hunter
┌──────────────────────────────────────┬──────────────────────────────────────┐
│ OFFENSIVE SECURITY │ REVERSE ENGINEERING │
│ ├── Web App Pentesting │ ├── AI CLI Tool Architecture │
│ ├── Bug Bounty Hunting │ ├── Permission System Analysis │
│ ├── API & Network Exploitation │ ├── Binary Analysis (ELF/PE/Mach-O) │
│ └── Vulnerability Research │ └── Protocol Dissection │
├──────────────────────────────────────┼──────────────────────────────────────┤
│ AI / AGENTIC SYSTEMS │ INFRASTRUCTURE │
│ ├── Multi-Agent Orchestration │ ├── Mesh Networking (WireGuard) │
│ ├── LLM Security Research │ ├── MCP Server Development │
│ ├── Self-Evolving Agent Frameworks │ ├── PostgreSQL + pgvector (RAG) │
│ └── Autonomous Pentest Systems │ └── Security Automation Pipelines │
└──────────────────────────────────────┴──────────────────────────────────────┘
repo |
description |
stack |
|---|---|---|
| omniwire | High-performance mesh networking — LZ4 transport, lock-free I/O, PTY tunneling, browser CDP, 88 MCP tools across 8 Rust crates |
|
| void-patcher | AI CLI tool RE & patching — 5 tools fully mapped, 24+ safety mechanisms removed, R2 offsets documented, auto-updater with systemd orchestration |
|
| hexstrike-ai | 150+ cybersecurity MCP tools for AI agents — recon, exploitation, binary analysis, network scanning, forensics pipelines |
|
| void-agents | Self-evolving AI agent framework — ZFP validation engine, semantic RAG retrieval, CyberBase sync, meta-harness learning loop |
|
| void-patcher | Universal AI CLI patcher — 5 tools, 24+ safety mechanisms removed, R2 offsets, auto-updater with systemd chain |
|
| codex-cli-re | OpenAI Codex CLI RE — Guardian AI 7-layer security model dissected, approval policy internals, sandbox escape research |
|
| opencode-re | OpenCode RE — permission bypass vectors, config injection, model routing internals, provider negotiation dissection |
|
| gemini-cli-re | Google Gemini CLI RE — YOLO mode internals, Conseca safety engine analysis, OAuth flow dissection, model negotiation |
|
| openclaw-re | OpenClaw deep RE — 3134 files, 832K lines analyzed; Pantheon agent mesh, ACP permission model, proxy routing internals |
|
| goose-re | Goose by Block RE — adversary inspector, 50+ threat pattern catalog, extension sandbox analysis, session state internals |
|
Comprehensive reverse engineering of every major AI CLI tool's safety architecture. 5 tools fully mapped and patched. 24+ safety mechanisms documented with R2 offsets.
Tool │ Lang │ Safety Mechanisms │ Status
──────────────────┼───────────┼──────────────────────┼────────────
Claude Code v2 │ Node.js │ Statsig gates (8) │ MAPPED
OpenCode │ Bun/TS │ Permission hooks (6) │ MAPPED
Codex CLI │ Rust │ Guardian AI (7-layer)│ MAPPED
Gemini CLI │ Go │ Conseca engine (5) │ MAPPED
OpenClaw │ Rust │ Pantheon ACP (9) │ MAPPED
Goose (Block) │ Rust │ Adversary inspector │ MAPPED
Recon │ nmap · masscan · subfinder · amass · ffuf · nuclei · katana
Web │ Burp Suite · sqlmap · dalfox · feroxbuster · arjun · paramspider
Binary RE │ Ghidra · radare2 · gdb-peda · pwntools · angr · binwalk
Network │ Wireshark · responder · impacket · netexec · WireGuard
AI / Agents │ MCP servers · multi-agent orchestration · LLM security research
Build │ Rust · Python · Go · TypeScript · Docker · PostgreSQL · Nix
╔══════════════════════════════════════════════════════╗
║ Z E R O S H A D O W O P S [ Z S O ] ║
║ ║
║ Offensive security research collective. ║
║ RE · bug bounty · AI systems · infra exploitation ║
╚══════════════════════════════════════════════════════╝
Members: @VoidChecksum · @0xyg3n · @Couiz
╔══════════════════════════════════════════════════════════════════╗
║ ║
║ "The void doesn't ask permission. It executes." ║
║ ║
║ Every system has a seam. Every gate has a bypass. ║
║ We map them all. ║
║ ║
╚══════════════════════════════════════════════════════════════════╝