Cas van Cooten
@casvancooten.com
@chvancooten on the bird app 🐦
---
Benevolently malicious offensive security enthusiast || OffSec Developer & Malware Linguist || NimPlant & NimPackt author || @ABNAMRO Red Team
---
Benevolently malicious offensive security enthusiast || OffSec Developer & Malware Linguist || NimPlant & NimPackt author || @ABNAMRO Red Team
Pinned
Cas van Cooten
@casvancooten.com
· Nov 17
Hello world! With Bluesky picking up steam I guess a (re-)introduction is in order. My name is Cas, I'm a red teamer at a big bank in the Netherlands. I like malware development (specifically in modern languages like Rust or Go) and learning more dev stuff every day. Content may include shitposts! 💜
Not thinking about infosec for a while 🥰
April 25, 2025 at 7:00 PM
Not thinking about infosec for a while 🥰
Pretty fun proof of concept - VS Code's `copilot-instructions.md` allows for blatant backdooring of agents if any AI agents or edits are run from an untrusted repository. It can seemingly fulfil the user's request, but actually implement (and hide) some nefarious side activities 😂
April 18, 2025 at 2:33 PM
Pretty fun proof of concept - VS Code's `copilot-instructions.md` allows for blatant backdooring of agents if any AI agents or edits are run from an untrusted repository. It can seemingly fulfil the user's request, but actually implement (and hide) some nefarious side activities 😂
Touched down in Singapore! Looking forward to Black Hat Asia. Hope to see many of you around!
March 31, 2025 at 11:40 AM
Touched down in Singapore! Looking forward to Black Hat Asia. Hope to see many of you around!
This must be the most informative graphic contained in the Microsoft docs
learn.microsoft.com/en-us/opensp...
learn.microsoft.com/en-us/opensp...
March 18, 2025 at 12:55 PM
This must be the most informative graphic contained in the Microsoft docs
learn.microsoft.com/en-us/opensp...
learn.microsoft.com/en-us/opensp...
I was invited to present Nimplant at Black Hat Asia 2025 in Singapore this April! If you're around, please do reach out to talk offensive development, modern programming languages, or how to use (or detect) Nimplant in your ops. Looking forward to it!
www.blackhat.com/asia-25/arse...
www.blackhat.com/asia-25/arse...
March 8, 2025 at 10:29 AM
I was invited to present Nimplant at Black Hat Asia 2025 in Singapore this April! If you're around, please do reach out to talk offensive development, modern programming languages, or how to use (or detect) Nimplant in your ops. Looking forward to it!
www.blackhat.com/asia-25/arse...
www.blackhat.com/asia-25/arse...
Recently came across a pretty neat technique to silently load (malicious) VS Code extensions using its bootstrapping and portability features. Thought it was interesting enough to warrant my first blog post in 4 years 🙃
Check it out 👇
casvancooten.com/posts/2025/0...
Check it out 👇
casvancooten.com/posts/2025/0...
Abusing VS Code's Bootstrapping Functionality To Quietly Load Malicious Extensions
Wow, been a while since my last blog 😅. During some research I came across a technique variation which I felt was interesting enough to share in a brief blog post. It relates to how the bootstrapping ...
casvancooten.com
February 28, 2025 at 3:57 PM
Recently came across a pretty neat technique to silently load (malicious) VS Code extensions using its bootstrapping and portability features. Thought it was interesting enough to warrant my first blog post in 4 years 🙃
Check it out 👇
casvancooten.com/posts/2025/0...
Check it out 👇
casvancooten.com/posts/2025/0...
Lol 75% thought leader, must be because I interact with @xpnsec.com too much 😂
blueskyroast.com/roast/casvan...
blueskyroast.com/roast/casvan...
December 2, 2024 at 8:32 AM
Lol 75% thought leader, must be because I interact with @xpnsec.com too much 😂
blueskyroast.com/roast/casvan...
blueskyroast.com/roast/casvan...
My ears were ringing when this was presented at RedTreat. Time for round two with this blog and tool release 😅 🔥
New platform, who dis? It me, and @johnnyspandex.bsky.social dropping some VPN client exploit freshness! 🌮🔒
Today, we're releasing NachoVPN, our VPN client exploitation tool, as presented at SANS HackFest Hollywood. Get it on the @amberwolfsec.bsky.social blog:
blog.amberwolf.com/blog/2024/no...
Today, we're releasing NachoVPN, our VPN client exploitation tool, as presented at SANS HackFest Hollywood. Get it on the @amberwolfsec.bsky.social blog:
blog.amberwolf.com/blog/2024/no...
Introducing NachoVPN: One VPN Server to Pwn Them All
AmberWolf Security Research Blog
blog.amberwolf.com
November 26, 2024 at 4:00 PM
My ears were ringing when this was presented at RedTreat. Time for round two with this blog and tool release 😅 🔥
Looks like @rasta-mouse.bsky.social made it 👀 @xpnsec.com
November 19, 2024 at 7:18 PM
Looks like @rasta-mouse.bsky.social made it 👀 @xpnsec.com
Hello world! With Bluesky picking up steam I guess a (re-)introduction is in order. My name is Cas, I'm a red teamer at a big bank in the Netherlands. I like malware development (specifically in modern languages like Rust or Go) and learning more dev stuff every day. Content may include shitposts! 💜
November 17, 2024 at 10:20 PM
Hello world! With Bluesky picking up steam I guess a (re-)introduction is in order. My name is Cas, I'm a red teamer at a big bank in the Netherlands. I like malware development (specifically in modern languages like Rust or Go) and learning more dev stuff every day. Content may include shitposts! 💜
Check out Jilles' starter packs for great infosec follows (NL + EN)!
November 17, 2024 at 12:15 PM
Check out Jilles' starter packs for great infosec follows (NL + EN)!
This evening I'll be joining the HackTheBox Belgium meetup to speak about offensive development in modern languages. It should be fun, feel free to join! 🥳
www.meetup.com/meetup-group...
www.meetup.com/meetup-group...
0x10 - Offensive Development In Modern Languages, Tue, Nov 12, 2024, 6:00 PM | Meetup
Instead of a machine walkthrough, we will welcome Cas Van Cooten to give his talk on "Offensive Development In Modern Languages"! It will be fully online and start at 6PM (
www.meetup.com
November 12, 2024 at 12:34 PM
This evening I'll be joining the HackTheBox Belgium meetup to speak about offensive development in modern languages. It should be fun, feel free to join! 🥳
www.meetup.com/meetup-group...
www.meetup.com/meetup-group...