Pages

Background 14+ years in offensive security, red teaming, and exploit development. I’m a security researcher focused on practical offensive techniques, vulnerability research, and building tools that solve real problems. This site documents my work and learning journey. Professional Experience Red Team Leader & Penetration Tester 14+ years designing and executing red team operations Specialized in: Active Directory attacks, post-exploitation, defense evasion Experience with: Fortune 500 organizations, financial institutions Tools built: SSSD-Extract, custom OSINT and exploitation frameworks Current Focus Deepening knowledge in AI/ML security through structured study Exploring emerging attack vectors in enterprise systems Documenting security research for the community Certifications & Credentials Professional certifications demonstrating expertise in offensive security: ...

Background 13+ years in offensive security, red teaming, and exploit development. I’m a security researcher focused on practical offensive techniques, vulnerability research, and building tools that solve real problems. This site documents my work and learning journey. Professional Experience Red Team Leader & Penetration Tester 13+ years designing and executing red team operations Specialized in: Active Directory attacks, post-exploitation, defense evasion Experience with: Fortune 500 organizations, government contractors, financial institutions Tools built: SSSD-Extract, custom exploitation frameworks Current Focus Deepening knowledge in AI/ML security through structured study Exploring emerging attack vectors in enterprise systems Documenting security research for the community Certifications & Credentials Professional certifications demonstrating expertise in offensive security: ...

Red Team Program Development Building secure systems requires understanding how attackers think. This section covers: Program Design — Building risk-based adversary simulation programs Team Structure — Scaling from penetration testers to red team leaders Stakeholder Management — Communicating findings to executives Operational Security — Running invasive assessments safely Coming soon. Topics in Development: Building a Risk-Based Adversary Simulation Program Managing Stakeholders During Invasive Operations Transitioning from Pentester to Red Team Lead

All Research Posts {{ range (where site.RegularPages “Type” “posts”) }} [{{ .Title }}]({{ .Permalink }}) — {{ .PublishDate.Format “January 2006” }} {{ end }}

Welcome to z-r0crypt Not sure where to begin? This page guides you to the most relevant content based on your interests. I’m Preparing for OSCP (PEN-200) Best starting point: Foundation building, Linux privilege escalation, network penetration testing Recommended reading order: Cryptography Fundamentals Cryptography I - Week 1 Cryptography I - Week 2 Part 1 Why: OSCP includes network security fundamentals Linux Post-Exploitation SSSD-Extract Tool Why: Active Directory on Linux is a real attack vector Methodology & Planning ...