___    _   ____________  ____  _   ____  __________  ____________
   /   |  / | / /_  __/ / / / __ \/ | / /\ \/ /_  __/ / / / ____/ __/
  / /| | /  |/ / / / / /_/ / / / /  |/ /  \  / / / / / / / /_  / /_
 / ___ |/ /|  / / / / __  / /_/ / /|  /   / / / / / /_/ / __/ / __/
/_/  |_/_/ |_/ /_/ /_/ /_/\____/_/ |_/   /_/ /_/  \____/_/   /_/

Blog Writeups Resume

Cybersecurity Engineer with 7+ years of experience across offensive security, DevSecOps, cloud security, and security automation. Specialized in red teaming, penetration testing, and building automated security tooling — with a growing focus on AI-driven security solutions and LLM security research. 200+ engagements delivered across enterprise, government, and financial sectors.

4 Writeups
8 Articles
43 Topics
12 Total Posts

latest

Recent posts and writeups

2026-06-25 red-team active-directoryGCP cloud-securityERTLRBCDkerberos delegationtunnelingevasion PetitPotamlateral-movementassumed-breachhybrid-cloudIAM service-accountssecret-manager

Lab Review Extreme Red Team Laboratories CALIPENDULA

CALIPENDULA is an Extreme Red Team Lab that simulates a hybrid GCP and Active Directory breach scenario, pushing you through cloud IAM enumeration, service account chaining, RBCD relay attacks, multi-hop tunnelling in a segmented network.
2026-05-29 Intial AccessRed TeamActive DirectoryLateral MovementTunnelling

Lab Review Extreme Red Team Laboratories MAILSERVICE

MAILSERVICE is a multi-domain Active Directory lab that covers the full attack chain. Initial access via mail server abuse, credential extraction, network pivoting, cross-domain trust exploitation, MSSQL privilege escalation, Kerberos delegation abuse, and DCSync.
2026-05-03 spring-boot-actuatoractuator-exploitjava-pentestingsecurity-researchmisconfigurations

Spring Boot Actuator A Closer Look at the Attack Surface

In this post I walk through how an exposed /actuator/heapdump endpoint becomes the starting point for extracting database credentials, payment keys, AML platform secrets, and live session tokens.
2026-04-22 USB Rubber DuckyRed TeamEvasionHacker gadgetsIntial Access

Weaponizing the Rubber Ducky with Adaptix C2 : Part 2

In Part 2 of the Hak5 Toolkit series, We will walktrough hor to chain together an AMSI bypass, a Constrained Language Mode bypass, and shellcode obfuscation to achieve in-memory code execution all delivered via the USB Rubber Ducky.
2026-04-19 Intial AccessRed TeamPhysical SecurityHacker gadgets

Getting Initial Access with USB Rubber Ducky + Adaptix C2

A walkthrough of USB Rubber Ducky from USB to Shell and Chaining with Adaptix C2 for Initial Access.

root@blog:~# No matching posts found.

ESC
Enter to open Esc to close