offensive security collective

ZeroShadowOps

We find the flaws that matter — before someone else does.

Vulnerability research  /  Exploit development  /  Red teaming

root@zso:~# 
View Arsenal Learn More
3Operators
11+Languages
6Domains
0dayResearch
Scroll
who we are

About ZSO

ZeroShadowOps (ZSO) is an offensive security research group operating at the intersection of red teaming, vulnerability research, and exploit development.

We specialize in finding critical vulnerabilities across web applications, smart contracts, binary targets, cloud infrastructure, and AI/ML systems. Our research spans from kernel exploits to prompt injection — wherever the attack surface exists, we operate.

We don't patch. We prove it's broken.

3
Operators
6+
Domains
11+
Languages
0day
Research
operators

The Team

VoidChecksum
VoidChecksum
Offensive Security Engineer
AI Red Teaming Kernel Research Bug Bounty Smart Contracts
C++ · Python · Rust · Go · ASM
0xyg3n
0xyg3n
Offensive Security Consultant
Exploit Dev Social Engineering Red Team C2 Frameworks
C# · Python · Bash · PowerShell
Couiz
Couiz
Dark Side Operator
Injection Automation API Exploitation Tooling
C · C++ · JavaScript · Bash · ASM
arsenal

Projects

AiProxy Python

Unified OpenAI-compatible API proxy that routes through multiple free AI providers. Auto-reward system, smart account rotation, streaming support. 861+ models including GPT-5, Claude Opus 4.6, Gemini 3.1.

GPL-3.0
More Coming ???

New tools and research are always in development. Exploit frameworks, vulnerability scanners, security automation — watch this space.

In progress
expertise

Domains

🕸
Web & Application Security
SSRF · XSS · SQLi · IDOR · OAuth Bypass · API Security · GraphQL · Business Logic · Subdomain Takeover
Smart Contracts & Blockchain
DeFi Audits · Bridge Exploits · Flash Loans · MEV · Oracle Manipulation · EVM Analysis · Governance Attacks
💻
Binary & Low-Level
Exploit Dev · Reverse Engineering · Kernel Exploits · Heap Corruption · Fuzzing · Sandbox Escapes · EDR Evasion
Infrastructure & Red Team
Pentesting · Cloud Security · AD Attacks · Container Escapes · CI/CD Poisoning · C2 Development · Network Exploitation
🤖
AI & Emerging
LLM Fuzzing · Prompt Injection · Model Poisoning · RAG Attacks · AI Agent Exploitation · Supply Chain · Zero-Day Research
📱
Mobile & Client-Side
Android Reversing · iOS Reversing · API Hooking · Electron Exploits · Browser Extensions · Desktop App Security