___ _ ____________ ____ _ ____ __________ ____________
/ | / | / /_ __/ / / / __ \/ | / /\ \/ /_ __/ / / / ____/ __/
/ /| | / |/ / / / / /_/ / / / / |/ / \ / / / / / / / /_ / /_
/ ___ |/ /| / / / / __ / /_/ / /| / / / / / / /_/ / __/ / __/
/_/ |_/_/ |_/ /_/ /_/ /_/\____/_/ |_/ /_/ /_/ \____/_/ /_/
Cybersecurity Engineer with 7+ years of experience across offensive security, DevSecOps, cloud security, and security automation. Specialized in red teaming, penetration testing, and building automated security tooling — with a growing focus on AI-driven security solutions and LLM security research. 200+ engagements delivered across enterprise, government, and financial sectors.
latest
Browse all posts and writeups
Configuring and Exploiting SSRF in AWS Cloud Environments
In this post I walk through how to configure a vulnerable AWS environment from scratch, deploy a custom banking application with multiple SSRF injection points, and exploit the Instance Metadata Service (IMDS) to steal live IAM credentials.
Lab Review Extreme Red Team Laboratories CALIPENDULA
CALIPENDULA is an Extreme Red Team Lab that simulates a hybrid GCP and Active Directory breach scenario, pushing you through cloud IAM enumeration, service account chaining, RBCD relay attacks, multi-hop tunnelling in a segmented network.
Lab Review Extreme Red Team Laboratories MAILSERVICE
MAILSERVICE is a multi-domain Active Directory lab that covers the full attack chain. Initial access via mail server abuse, credential extraction, network pivoting, cross-domain trust exploitation, MSSQL privilege escalation, Kerberos delegation abuse, and DCSync.
Spring Boot Actuator A Closer Look at the Attack Surface
In this post I walk through how an exposed /actuator/heapdump endpoint becomes the starting point for extracting database credentials, payment keys, AML platform secrets, and live session tokens.
Weaponizing the Rubber Ducky with Adaptix C2 : Part 2
In Part 2 of the Hak5 Toolkit series, We will walktrough hor to chain together an AMSI bypass, a Constrained Language Mode bypass, and shellcode obfuscation to achieve in-memory code execution all delivered via the USB Rubber Ducky.
Getting Initial Access with USB Rubber Ducky + Adaptix C2
A walkthrough of USB Rubber Ducky from USB to Shell and Chaining with Adaptix C2 for Initial Access.
Hooking Claude into Burp Suite with MCP
A walkthrough of connecting Burp Suite to Claude using the Model Context Protocol.
Exploiting a Banking Playground - Vulnerable Bank Application
A walkthrough of exploiting a purposely vulnerable banking application, replicating common issues encountered during real-world security assessments including SQL injection, mass assignment, JWT forgery, and business logic flaws.
Plug & Pwn Chronicles - LAN Turtle
A hands-on guide to deploying the Hak5 LAN Turtle for covert network access during Red Team engagements, covering setup, reverse SSH tunneling, and pivoting with ProxyChains.
HackTheBox - Forest
Windows AD box - AS-REP Roasting, BloodHound ACL abuse, DCSync with Cobalt Strike, and WriteDACL exploitation.
HackTheBox: Cicada
Walkthrough for the HackTheBox Cicada machine, involving RID brute-forcing, SMB enumeration, credential discovery, and privilege escalation via SeBackupPrivilege abuse to dump SAM hashes.
HackTheBox - Manager
Windows AD box - RID cycling, MSSQL exploitation, AD CS ESC7 attack for privilege escalation to Domain Admin.
HackTheBox: Administrator
Walkthrough for the HackTheBox Administrator machine, a Windows Active Directory box.
root@blog:~# No matching posts found.