For 7+ years, I've been in the trenches of Offensive Security - breaking systems, reversing binaries, and automating the boring stuff. My brain is wired differently (ASD Level 1), giving me the hyperfocus needed to dismantle complex threats and then teach others how they tick. I don't just find vulnerabilities; I tear them apart to understand their core.
- 🧠 I don't just hack; I teach: Offensive techniques, binary reversing, and application security - from the attacker's perspective.
- 🌎 Always hunting: When I'm not on an engagement, you'll find me owning boxes on HTB, THM, pwn.college, and pretty much any other platform worth its salt (Crackmes.one, MalwareBazaar, DEFCON, etc.).
- Red Teaming & APT Emulation: Architecting realistic simulations of advanced persistent threats (APTs). I specialize in developing custom Tactics, Techniques, and Procedures (TTPs), executing complex lateral movement, and implementing advanced evasion techniques. My expertise covers the full attack lifecycle, from crafting sophisticated exploit chains to deploying stealth Command & Control (C2) infrastructures.
- Exploit Development & Reverse Engineering: Proficient in developing and modifying bespoke exploits, including crafting ROP/JOP chains and bypassing memory protections like DEP and ASLR. My daily toolkit for static and dynamic analysis includes GDB-pwndbg, Frida, Ghidra, IDA Pro, x64/x32dbg, Qiling, and pwntools for rapid exploit scripting.
- AI/ML in Offensive Security: Pioneering the integration of AI/ML to enhance offensive operations. I build custom assistants and tooling with LLMs (using LangChain, Ollama, MCP) to automate penetration testing and reverse engineering workflows. My research includes LLM security (Prompt Injection), tactical prompt engineering, and integrating AI with debuggers for assisted analysis.
- Authored Tools: ARCTAX, MANW-NG, riskIA-service, OSCP Insights, REload.Me, etc.
- Advanced AppSec & DevSecOps: Championing a robust DevSecOps culture by embedding security into the entire SDLC (shift-left approach). My expertise includes SAST, DAST, manual code review (sink to source and taint analysis), Threat Modeling (STRIDE, CVSS), and securing CI/CD pipelines (GitHub Actions), containers, and Infrastructure as Code (Terraform, Kubernetes). I find security flaws in code and pipelines before they hit production. My goal is to automate security so developers can't mess it up.
- Cloud Security & Secure Architecture: Designing and implementing secure cloud architectures in AWS, GCP, and Azure. My work focuses on security hardening, creating secure baselines, advanced IAM policies, secrets management, and reducing the attack surface in serverless and containerized environments.
- My Go-To Stack:
- Heavy Hitters: BurpSuite Pro, pwntools, Frida, Radare2/Rizin, Ghidra, IDA Pro, x64/x32dbg, Impacket, ffuf, naabu/nuclei, Nmap, CrackMapExec, BloodHound, tshark, Havoc, Cobalt Strike, mitmproxy.
- Languages of Choice: Python for everything, Bash and PowerShell for speed, C/C++ when I need to get close to the metal, and JavaScript to run everywhere.
- Techniques: If it can be scripted, I automate it. Advanced Regex, Semgrep, CodeQL, and custom scripts are part of my workflow.