[{"content":"Merlin is a cross-platform post-exploitation HTTP/2 Command \u0026amp; Control server and agent written in Go. It leverages HTTP/2 for C2 communications, providing a modern and extensible framework for red team operations.\n","date":"October 1, 2017","externalUrl":"https://github.com/Ne0nd0g/merlin","permalink":"/projects/merlin/","section":"Projects","summary":"Merlin is a cross-platform post-exploitation HTTP/2 Command \u0026 Control server and agent written in Go. It leverages HTTP/2 for C2 communications, providing a modern and extensible framework for red team operations.\n","title":"Merlin","type":"projects"},{"content":"A repository of Windows shellcode runners and supporting utilities. The applications load and execute shellcode using various API calls and techniques.\n","date":"June 1, 2020","externalUrl":"https://github.com/Ne0nd0g/go-shellcode","permalink":"/projects/go-shellcode/","section":"Projects","summary":"A repository of Windows shellcode runners and supporting utilities. The applications load and execute shellcode using various API calls and techniques.\n","title":"go-shellcode","type":"projects"},{"content":"A proof-of-concept Go package for hosting the Common Language Runtime (CLR) and executing .NET assemblies from Go.\n","date":"January 1, 2021","externalUrl":"https://github.com/Ne0nd0g/go-clr","permalink":"/projects/go-clr/","section":"Projects","summary":"A proof-of-concept Go package for hosting the Common Language Runtime (CLR) and executing .NET assemblies from Go.\n","title":"go-clr","type":"projects"},{"content":"Cross-platform post-exploitation HTTP Command \u0026amp; Control agent written in Go, integrated with the Mythic C2 framework.\n","date":"June 1, 2021","externalUrl":"https://github.com/MythicAgents/merlin","permalink":"/projects/merlin-mythic/","section":"Projects","summary":"Cross-platform post-exploitation HTTP Command \u0026 Control agent written in Go, integrated with the Mythic C2 framework.\n","title":"Merlin (Mythic)","type":"projects"},{"content":"A collection of miscellaneous Go utilities and tools.\n","date":"January 1, 2022","externalUrl":"https://github.com/Ne0nd0g/oddments","permalink":"/projects/oddments/","section":"Projects","summary":"A collection of miscellaneous Go utilities and tools.\n","title":"Oddments","type":"projects"},{"content":"Sage is a virtual Mythic agent that uses an AI agentic system to operate Mythic and Mythic agents running on compromised hosts. Built with LangChain and integrates with Arize Phoenix for observability.\n","date":"January 1, 2024","externalUrl":"https://github.com/MythicAgents/sage","permalink":"/projects/sage/","section":"Projects","summary":"Sage is a virtual Mythic agent that uses an AI agentic system to operate Mythic and Mythic agents running on compromised hosts. Built with LangChain and integrates with Arize Phoenix for observability.\n","title":"Sage","type":"projects"},{"content":"","date":"April 6, 2026","externalUrl":null,"permalink":"/tags/ai/","section":"Tags","summary":"","title":"AI","type":"tags"},{"content":"","date":"April 6, 2026","externalUrl":"https://specterops.io/blog/2026/04/06/ai-red-teaming-still-comes-back-to-identity-access-and-attack-paths/","permalink":"/blog/ai-red-teaming-identity-access-attack-paths/","section":"Blog","summary":"","title":"AI Red Teaming Still Comes Back to Identity, Access, and Attack Paths","type":"blog"},{"content":"","date":"April 6, 2026","externalUrl":null,"permalink":"/blog/","section":"Blog","summary":"","title":"Blog","type":"blog"},{"content":"","date":"April 6, 2026","externalUrl":null,"permalink":"/categories/","section":"Categories","summary":"","title":"Categories","type":"categories"},{"content":"","date":"April 6, 2026","externalUrl":null,"permalink":"/categories/cybersecurity/","section":"Categories","summary":"","title":"Cybersecurity","type":"categories"},{"content":"","date":"April 6, 2026","externalUrl":null,"permalink":"/tags/cybersecurity/","section":"Tags","summary":"","title":"Cybersecurity","type":"tags"},{"content":"","date":"April 6, 2026","externalUrl":null,"permalink":"/tags/identity/","section":"Tags","summary":"","title":"Identity","type":"tags"},{"content":"","date":"April 6, 2026","externalUrl":null,"permalink":"/tags/red-team/","section":"Tags","summary":"","title":"Red Team","type":"tags"},{"content":"","date":"April 6, 2026","externalUrl":null,"permalink":"/","section":"Russel Van Tuyl","summary":"","title":"Russel Van Tuyl","type":"page"},{"content":"","date":"April 6, 2026","externalUrl":null,"permalink":"/tags/","section":"Tags","summary":"","title":"Tags","type":"tags"},{"content":"Event: Risky Business — Soap Box Channel: Risky Business Media\nRecording # ","date":"March 26, 2026","externalUrl":null,"permalink":"/talks/red-teaming-ai-specterops/","section":"Talks","summary":"Event: Risky Business — Soap Box Channel: Risky Business Media\n","title":"Red Teaming AI Systems with SpecterOps","type":"talks"},{"content":"","date":"March 26, 2026","externalUrl":null,"permalink":"/talks/","section":"Talks","summary":"","title":"Talks","type":"talks"},{"content":"","date":"January 6, 2026","externalUrl":null,"permalink":"/tags/leadership/","section":"Tags","summary":"","title":"Leadership","type":"tags"},{"content":"","date":"January 6, 2026","externalUrl":null,"permalink":"/tags/military/","section":"Tags","summary":"","title":"Military","type":"tags"},{"content":"","date":"January 6, 2026","externalUrl":"https://federalnewsnetwork.com/commentary/2026/01/the-veteran-advantage-how-military-service-shapes-cybersecurity-leadership/","permalink":"/blog/veteran-advantage-cybersecurity-leadership/","section":"Blog","summary":"","title":"The Veteran Advantage: How Military Service Shapes Cybersecurity Leadership","type":"blog"},{"content":"","date":"January 6, 2026","externalUrl":null,"permalink":"/tags/veterans/","section":"Tags","summary":"","title":"Veterans","type":"tags"},{"content":"","date":"January 1, 2024","externalUrl":null,"permalink":"/categories/ai/","section":"Categories","summary":"","title":"Ai","type":"categories"},{"content":"","date":"January 1, 2024","externalUrl":null,"permalink":"/tags/llm/","section":"Tags","summary":"","title":"Llm","type":"tags"},{"content":"","date":"January 1, 2024","externalUrl":null,"permalink":"/tags/mythic/","section":"Tags","summary":"","title":"Mythic","type":"tags"},{"content":"","date":"January 1, 2024","externalUrl":null,"permalink":"/projects/","section":"Projects","summary":"","title":"Projects","type":"projects"},{"content":"","date":"January 1, 2024","externalUrl":null,"permalink":"/tags/python/","section":"Tags","summary":"","title":"Python","type":"tags"},{"content":"","date":"November 15, 2023","externalUrl":null,"permalink":"/tags/c2/","section":"Tags","summary":"","title":"C2","type":"tags"},{"content":"","date":"November 15, 2023","externalUrl":null,"permalink":"/tags/merlin/","section":"Tags","summary":"","title":"Merlin","type":"tags"},{"content":"","date":"November 15, 2023","externalUrl":"https://posts.specterops.io/merlins-evolution-multi-operator-cli-and-peer-to-peer-magic-c7d2f29e192f","permalink":"/blog/merlins-evolution-multi-operator-cli/","section":"Blog","summary":"","title":"Merlin's Evolution: Multi-Operator CLI and Peer-to-Peer Magic","type":"blog"},{"content":"","date":"November 15, 2023","externalUrl":null,"permalink":"/tags/offensive-security/","section":"Tags","summary":"","title":"Offensive Security","type":"tags"},{"content":"","date":"January 1, 2022","externalUrl":null,"permalink":"/tags/go/","section":"Tags","summary":"","title":"Go","type":"tags"},{"content":"","date":"January 1, 2022","externalUrl":null,"permalink":"/categories/software-development/","section":"Categories","summary":"","title":"Software-Development","type":"categories"},{"content":"","date":"January 1, 2022","externalUrl":null,"permalink":"/tags/utilities/","section":"Tags","summary":"","title":"Utilities","type":"tags"},{"content":"","date":"June 1, 2021","externalUrl":null,"permalink":"/tags/post-exploitation/","section":"Tags","summary":"","title":"Post-Exploitation","type":"tags"},{"content":"","date":"April 22, 2021","externalUrl":"https://posts.specterops.io/offensive-security-guide-to-ssh-tunnels-and-proxies-b525cbd4d4c6","permalink":"/blog/offensive-security-guide-ssh-tunnels/","section":"Blog","summary":"","title":"Offensive Security Guide to SSH Tunnels and Proxies","type":"blog"},{"content":"","date":"April 22, 2021","externalUrl":null,"permalink":"/tags/proxies/","section":"Tags","summary":"","title":"Proxies","type":"tags"},{"content":"","date":"April 22, 2021","externalUrl":null,"permalink":"/tags/ssh/","section":"Tags","summary":"","title":"SSH","type":"tags"},{"content":"","date":"April 22, 2021","externalUrl":null,"permalink":"/tags/tunnels/","section":"Tags","summary":"","title":"Tunnels","type":"tags"},{"content":"","date":"January 1, 2021","externalUrl":null,"permalink":"/tags/clr/","section":"Tags","summary":"","title":"Clr","type":"tags"},{"content":"","date":"January 1, 2021","externalUrl":null,"permalink":"/tags/dotnet/","section":"Tags","summary":"","title":"Dotnet","type":"tags"},{"content":"","date":"June 1, 2020","externalUrl":null,"permalink":"/tags/shellcode/","section":"Tags","summary":"","title":"Shellcode","type":"tags"},{"content":"","date":"June 1, 2020","externalUrl":null,"permalink":"/tags/windows/","section":"Tags","summary":"","title":"Windows","type":"tags"},{"content":"Event: SO-CON 2020 Host: SpecterOps\nRecording # ","date":"January 1, 2020","externalUrl":null,"permalink":"/talks/merlin-walkthrough-socon-2020/","section":"Talks","summary":"Event: SO-CON 2020 Host: SpecterOps\n","title":"Inside the Magic — A Merlin Walkthrough","type":"talks"},{"content":"","date":"August 28, 2019","externalUrl":"https://posts.specterops.io/merlin-v0-8-0-released-6883528b370b","permalink":"/blog/merlin-v0-8-0-released/","section":"Blog","summary":"","title":"Merlin v0.8.0 Released","type":"blog"},{"content":"","date":"August 28, 2019","externalUrl":null,"permalink":"/tags/release/","section":"Tags","summary":"","title":"Release","type":"tags"},{"content":"","date":"August 20, 2019","externalUrl":null,"permalink":"/tags/cryptography/","section":"Tags","summary":"","title":"Cryptography","type":"tags"},{"content":"","date":"August 20, 2019","externalUrl":"https://posts.specterops.io/merlin-goes-opaque-for-key-exchange-420db3a58713","permalink":"/blog/merlin-goes-opaque-key-exchange/","section":"Blog","summary":"","title":"Merlin Goes OPAQUE for Key Exchange","type":"blog"},{"content":"","date":"August 20, 2019","externalUrl":null,"permalink":"/tags/opaque/","section":"Tags","summary":"","title":"OPAQUE","type":"tags"},{"content":"","date":"April 12, 2019","externalUrl":"https://posts.specterops.io/merlin-v0-7-0-release-roll-up-717739cde77a","permalink":"/blog/merlin-v0-7-0-release/","section":"Blog","summary":"","title":"Merlin v0.7.0 Release \u0026 Roll-up","type":"blog"},{"content":"","date":"August 8, 2018","externalUrl":null,"permalink":"/tags/black-hat/","section":"Tags","summary":"","title":"Black Hat","type":"tags"},{"content":"","date":"August 8, 2018","externalUrl":"https://blackhat.com/us-18/arsenal.html#merlin","permalink":"/talks/merlin-blackhat-arsenal-2018/","section":"Talks","summary":"","title":"Merlin — Black Hat USA 2018 Arsenal","type":"talks"},{"content":"","date":"August 7, 2018","externalUrl":"https://medium.com/@Ne0nd0g/merlin-v0-6-0-beta-released-7e75d3ef06a9","permalink":"/blog/merlin-v0-6-0-beta-released/","section":"Blog","summary":"","title":"Merlin v0.6.0 Beta Released","type":"blog"},{"content":"","date":"July 31, 2018","externalUrl":"https://medium.com/@Ne0nd0g/merlin-adds-support-for-the-quic-protocol-ee5f8a1e8955","permalink":"/blog/merlin-quic-protocol/","section":"Blog","summary":"","title":"Merlin Adds Support for the QUIC Protocol","type":"blog"},{"content":"","date":"July 31, 2018","externalUrl":null,"permalink":"/tags/protocol/","section":"Tags","summary":"","title":"Protocol","type":"tags"},{"content":"","date":"July 31, 2018","externalUrl":null,"permalink":"/tags/quic/","section":"Tags","summary":"","title":"QUIC","type":"tags"},{"content":"","date":"June 1, 2018","externalUrl":null,"permalink":"/tags/http/2/","section":"Tags","summary":"","title":"HTTP/2","type":"tags"},{"content":"Event: BSides Knoxville Host: BSides Knoxville\nRecording # ","date":"June 1, 2018","externalUrl":null,"permalink":"/talks/http2-magic-merlin-bsides/","section":"Talks","summary":"Event: BSides Knoxville Host: BSides Knoxville\n","title":"HTTP/2 Magic with Merlin","type":"talks"},{"content":"","date":"May 30, 2018","externalUrl":null,"permalink":"/tags/exploit-development/","section":"Tags","summary":"","title":"Exploit Development","type":"tags"},{"content":"","date":"May 30, 2018","externalUrl":null,"permalink":"/tags/metasploit/","section":"Tags","summary":"","title":"Metasploit","type":"tags"},{"content":"","date":"May 30, 2018","externalUrl":"https://www.rapid7.com/db/modules/exploit/windows/smb/smb_delivery/","permalink":"/blog/metasploit-smb-delivery/","section":"Blog","summary":"","title":"Metasploit Module: SMB Delivery","type":"blog"},{"content":"","date":"May 30, 2018","externalUrl":null,"permalink":"/tags/smb/","section":"Tags","summary":"","title":"SMB","type":"tags"},{"content":"","date":"March 22, 2018","externalUrl":null,"permalink":"/tags/dll/","section":"Tags","summary":"","title":"DLL","type":"tags"},{"content":"","date":"March 22, 2018","externalUrl":"https://medium.com/@Ne0nd0g/merlin-adds-dll-agent-powershell-invoke-merlin-script-6127b3d7cbcd","permalink":"/blog/merlin-dll-agent-powershell/","section":"Blog","summary":"","title":"Merlin Adds DLL Agent \u0026 PowerShell Invoke-Merlin Script","type":"blog"},{"content":"","date":"March 22, 2018","externalUrl":null,"permalink":"/tags/powershell/","section":"Tags","summary":"","title":"PowerShell","type":"tags"},{"content":"","date":"March 15, 2018","externalUrl":"https://medium.com/@Ne0nd0g/merlin-v0-1-4-released-menus-modules-8efd1ce9ba84","permalink":"/blog/merlin-v0-1-4-menus-modules/","section":"Blog","summary":"","title":"Merlin v0.1.4 Released — Menus \u0026 Modules","type":"blog"},{"content":"","date":"March 13, 2018","externalUrl":"https://medium.com/@Ne0nd0g/merlin-adds-module-support-f1211175412e","permalink":"/blog/merlin-adds-module-support/","section":"Blog","summary":"","title":"Merlin Adds Module Support","type":"blog"},{"content":"","date":"March 13, 2018","externalUrl":null,"permalink":"/tags/modules/","section":"Tags","summary":"","title":"Modules","type":"tags"},{"content":"","date":"June 4, 2016","externalUrl":null,"permalink":"/tags/penetration-testing/","section":"Tags","summary":"","title":"Penetration Testing","type":"tags"},{"content":"Event: BSides Knoxville 2016\nRecording # Slides # View on SlideShare\n","date":"June 4, 2016","externalUrl":null,"permalink":"/talks/powershell-cyber-warriors-bsides-2016/","section":"Talks","summary":"Event: BSides Knoxville 2016\n","title":"PowerShell for Cyber Warriors","type":"talks"},{"content":"","date":"March 1, 2016","externalUrl":null,"permalink":"/tags/active-directory/","section":"Tags","summary":"","title":"Active Directory","type":"tags"},{"content":"","date":"March 1, 2016","externalUrl":"https://roanokeinfosec.com/2016/04/01/march-2016-common-network-penetration-testing-techniques/","permalink":"/talks/common-pen-testing-techniques-rise-2016/","section":"Talks","summary":"","title":"Common Network Penetration Testing Techniques","type":"talks"},{"content":" Hi, I\u0026rsquo;m Russel Van Tuyl.\nI work at the intersection of cybersecurity, software development, AI, and smart home technologies. This site is where I share what I\u0026rsquo;m learning, building, and thinking about.\nWhat I Do # Cybersecurity - [Describe your security work, specializations, certifications] Software Development - [Describe your development work, languages, platforms] AI - [Describe your AI interests, projects, or applications] Smart Home - [Describe your smart home projects, platforms, automations] Why This Site # I believe in owning your platform. This site is my home base on the internet \u0026ndash; a place to publish my thoughts, document my projects, and connect with others who share similar interests.\nGet In Touch # The best way to reach me is via email. You can also find me on GitHub and LinkedIn.\n","externalUrl":null,"permalink":"/about/","section":"Russel Van Tuyl","summary":" Hi, I’m Russel Van Tuyl.\n","title":"About","type":"page"},{"content":"","externalUrl":null,"permalink":"/thoughts/","section":"Thoughts","summary":"","title":"Thoughts","type":"thoughts"}]