Background

14+ years in offensive security, red teaming, and exploit development.

I’m a security researcher focused on practical offensive techniques, vulnerability research, and building tools that solve real problems. This site documents my work and learning journey.

Professional Experience

Red Team Leader & Penetration Tester

  • 14+ years designing and executing red team operations
  • Specialized in: Active Directory attacks, post-exploitation, defense evasion
  • Experience with: Fortune 500 organizations, financial institutions
  • Tools built: SSSD-Extract, custom OSINT and exploitation frameworks

Current Focus

  • Deepening knowledge in AI/ML security through structured study
  • Exploring emerging attack vectors in enterprise systems
  • Documenting security research for the community

Certifications & Credentials

Professional certifications demonstrating expertise in offensive security:

  • OSCP — Offensive Security Certified Professional . Offensive Security · Earned 2017

  • OSCE — Offensive Security Certitifed Expert . Offensive Security · Earned 2018

  • OSWE — Offensive Security Web Expert (AWAE) . Offensive Security · Earned 2023

  • OSEP — Offensive Security Experienced Pentester (PEN-300) . Offensive Security · Earned 2024

  • CRTO — Certified Red Team Operator . Zero Point Security · Earned 2024

Why I Write

Most security content falls into two categories:

  1. Tutorial-style — How to pass certifications
  2. Academic — Peer-reviewed articles with narrow scope

This site documents the middle ground: practical offensive security work, techniques that actually work in the lab, and lessons from real-world red teaming.

I write because:

  • Clarity through explanation — Teaching forces deep understanding
  • Community contribution — Help others on the same journey
  • Knowledge preservation — Document techniques before they become obsolete
  • Continuous learning — Research + documentation = mastery

On This Site

Posts — Technical content organized by category:

  • Red Team & Post-Exploitation
  • AI Security
  • Web Application Security
  • Cryptography & Encryption
  • CTF Walkthroughs
  • Tools & Utilities

Tools — Open-source security tools including SSSD-Extract

Get in Touch

Questions, suggestions, or topic requests? Open an issue on GitHub or reach out on LinkedIn.

Last updated: January 2025