On the evening of July 8, 2026, I tried to log into my GitHub account and found myself completely locked out. No warning email. No explanation. Just a login screen that refused to recognize me.
This is the story of what happened, what I did about it, and where things stand now.
The Account
My username was @toxy4ny. I had built a modest but engaged community there:
- ~2,000 followers
- 800+ stars across repositories
- Tools like flibustier (Docker security auditing), redteam-ai-benchmark (LLM robustness evaluation), and others
Everything I published was open-source, educational, and explicitly intended for authorized security research. My work operates under a full framework of professional licenses, contracts, SLAs, and NDAs.
I last accessed the account normally on the afternoon of July 8. By evening, authentication failed completely. The GitHub Status page showed "Actions is currently status yellow," but I have no way to know if that was related or a coincidence.
What I Did
1. Filed a Support Ticket
I used GitHub's "Cannot sign in" form at support.github.com/contact/cannot_sign_in, selecting "Account locked or suspended."
Ticket number: 4548644
I received an auto-reply acknowledging the ticket and warning of "high volumes." I then sent a follow-up with additional context: my professional background, links to my DEV Community articles documenting the research behind each tool, and a clear statement of willingness to cooperate — including making repositories private or removing any flagged content if needed.
Status: No human response. Zero.
2. Reached Out to Leadership
I wrote directly to Kyle Daigle, GitHub's COO, at his public email (kdaigle@github.com). The letter explained the situation, my professional standing, and my commitment to resolving any concerns transparently.
Status: No response.
3. Checked for Public Information
I searched for any news, discussions, or community mentions of my account suspension. Nothing. No Hacker News threads, no Reddit posts, no blog coverage. The block appears to have happened quietly, without public explanation.
I also encountered what appeared to be an AI-generated summary (Google AI Overview) referencing my repositories and suggesting "community concerns" about ethical use. I could not verify this text in any primary source. It may have been synthetic inference rather than factual reporting.
What I Did Next
While waiting for a response that may never come, I took action to protect my work and my community.
Migrated to GitLab
I created gitlab.com/toxy4ny and began transferring repositories:
- flibustier — Docker security scanner
- redteam-ai-benchmark — LLM red teaming framework
- perforator — stress-testing tools
- decoy-hunter — honeypot detection scanner
- COPY-FAIL — hardened C implementation for authorized penetration testing
I also built a profile README documenting my background, projects, and contact information.
Why GitLab?
GitLab has a historically more permissive stance toward security research tools. While no platform is immune to account actions, GitLab's self-hosted option (Community Edition) offers a path to true independence if needed.
The Bigger Picture
This isn't just about one account. It's about a pattern many security researchers know too well:
- Automated enforcement without human review
- Opaque processes where the accused cannot see the accusation
- Asymmetric power between platforms and individual contributors
I don't know why my account was suspended. GitHub hasn't told me. I may never know. What I do know is that two years of community building, open-source contributions, and public research can vanish overnight — not because of a clear violation, but because of a black box.
Where Things Stand
| Action | Status |
|---|---|
| GitHub Support Ticket #4548644 | 🟡 No response |
| Email to Kyle Daigle (COO) | 🟡 No response |
| GitHub account restoration | 🔴 Unknown / unlikely |
| GitLab migration | 🟢 Active |
| Community notification | 🟢 In progress |
What You Can Do
If you've used my tools, starred my repositories, or found my work useful:
- Follow me on GitLab: gitlab.com/toxy4ny
- Bluesky: @toxy4ny.bsky.social
- Mastodon: @toxy4ny@defcon.social
- Website: hackteam.red
If you're a security researcher with a similar story, I'd like to hear it. These patterns only change when they're documented.
Final Thought
Platforms don't owe us explanations. But communities do owe each other transparency. I'll keep building, keep publishing, and keep documenting — regardless of where the code lives.
The work matters more than the host.
KL3FT3Z (toxy4ny)
Certified Penetration Tester & Red Teamer
Offensive AI Laboratory, HackTeam.RED
tags: github, cybersecurity, opensource, redteam, gitlab
Top comments (0)