___ _ ____________ ____ _ ____ __________ ____________
/ | / | / /_ __/ / / / __ \/ | / /\ \/ /_ __/ / / / ____/ __/
/ /| | / |/ / / / / /_/ / / / / |/ / \ / / / / / / / /_ / /_
/ ___ |/ /| / / / / __ / /_/ / /| / / / / / / /_/ / __/ / __/
/_/ |_/_/ |_/ /_/ /_/ /_/\____/_/ |_/ /_/ /_/ \____/_/ /_/
Cybersecurity Engineer with 7+ years of experience across offensive security, DevSecOps, cloud security, and security automation. Specialized in red teaming, penetration testing, and building automated security tooling — with a growing focus on AI-driven security solutions and LLM security research. 200+ engagements delivered across enterprise, government, and financial sectors.
latest
Recent posts and writeups
Exploiting a Banking Playground - Vulnerable Bank Application
A walkthrough of exploiting a purposely vulnerable banking application, replicating common issues encountered during real-world security assessments including SQL injection, mass assignment, JWT forgery, and business logic flaws.
Plug & Pwn Chronicles - LAN Turtle
A hands-on guide to deploying the Hak5 LAN Turtle for covert network access during Red Team engagements, covering setup, reverse SSH tunneling, and pivoting with ProxyChains.
HackTheBox - Forest
Windows AD box - AS-REP Roasting, BloodHound ACL abuse, DCSync with Cobalt Strike, and WriteDACL exploitation.
HackTheBox: Cicada
Walkthrough for the HackTheBox Cicada machine, involving RID brute-forcing, SMB enumeration, credential discovery, and privilege escalation via SeBackupPrivilege abuse to dump SAM hashes.
HackTheBox: Administrator
Walkthrough for the HackTheBox Administrator machine, a Windows Active Directory box.
root@blog:~# No matching posts found.