Pages on z-r0crypt

About

Mon, 01 Jan 0001 00:00:00 +0000

Background

14+ years in offensive security, red teaming, and exploit development.

I’m a security researcher focused on practical offensive techniques, vulnerability research, and building tools that solve real problems. This site documents my work and learning journey.

Professional Experience

Red Team Leader & Penetration Tester

14+ years designing and executing red team operations
Specialized in: Active Directory attacks, post-exploitation, defense evasion
Experience with: Fortune 500 organizations, financial institutions
Tools built: SSSD-Extract, custom OSINT and exploitation frameworks

Current Focus

Deepening knowledge in AI/ML security through structured study
Exploring emerging attack vectors in enterprise systems
Documenting security research for the community

Certifications & Credentials

Professional certifications demonstrating expertise in offensive security:

About

Mon, 01 Jan 0001 00:00:00 +0000

Background

13+ years in offensive security, red teaming, and exploit development.

I’m a security researcher focused on practical offensive techniques, vulnerability research, and building tools that solve real problems. This site documents my work and learning journey.

Professional Experience

Red Team Leader & Penetration Tester

13+ years designing and executing red team operations
Specialized in: Active Directory attacks, post-exploitation, defense evasion
Experience with: Fortune 500 organizations, government contractors, financial institutions
Tools built: SSSD-Extract, custom exploitation frameworks

Current Focus

Deepening knowledge in AI/ML security through structured study
Exploring emerging attack vectors in enterprise systems
Documenting security research for the community

Certifications & Credentials

Professional certifications demonstrating expertise in offensive security:

Leadership & Program Design

Mon, 01 Jan 0001 00:00:00 +0000

Red Team Program Development

Building secure systems requires understanding how attackers think. This section covers:

Program Design — Building risk-based adversary simulation programs
Team Structure — Scaling from penetration testers to red team leaders
Stakeholder Management — Communicating findings to executives
Operational Security — Running invasive assessments safely

Coming soon.

Topics in Development:

Building a Risk-Based Adversary Simulation Program
Managing Stakeholders During Invasive Operations
Transitioning from Pentester to Red Team Lead

Research Archive

Mon, 01 Jan 0001 00:00:00 +0000

All Research Posts

[{{ .Title }}]({{ .Permalink }}) — {{ .PublishDate.Format “January 2006” }} {{ end }}

Start Here

Mon, 01 Jan 0001 00:00:00 +0000

Welcome to z-r0crypt

Not sure where to begin? This page guides you to the most relevant content based on your interests.

I’m Preparing for OSCP (PEN-200)

Best starting point: Foundation building, Linux privilege escalation, network penetration testing

Recommended reading order:

Cryptography Fundamentals
- Cryptography I - Week 1
- Cryptography I - Week 2 Part 1
- Why: OSCP includes network security fundamentals
Linux Post-Exploitation
- SSSD-Extract Tool
- Why: Active Directory on Linux is a real attack vector
Methodology & Planning