Penetration Testing | Ethical Hacker | CTF Player
Passionate Cyber Researcher & Pentester
I'm passionate about exploring the depths of cybersecurity, uncovering vulnerabilities, and building secure systems. My work spans ethical hacking,network pentesting and offensive security with a current focus on Active Directory Security.
As a Pentester and Ethical Hacker, my passion lies in uncovering vulnerabilities and strengthening security through responsible and effective exploitation.
Specializing in Active Directory security, identifying critical weaknesses, and improving identity and access security across enterprise environments.
Expertise across the cybersecurity spectrum
Advanced vulnerability assessment and exploitation techniques
OWASP Top 10, XSS, CSRF, SQL Injection, HTTP Request Smuggling, Business Logic Flaws and Modern Web Vulnerabilities
Firewall management, IDS/IPS, VPN, and network protocol analysis
Kerberos Attacks,NTLM Attacks, Privilege Escalation Paths, Lateral Movement, and Identity Misconfigurations
Incident response, evidence collection, and forensic analysis
Malware analysis, binary exploitation, and software reverse engineering
Validated expertise in cybersecurity and information security
CompTIA
Industry-leading certification validating foundational cybersecurity skills and knowledge. Covers network security, compliance, threats, vulnerabilities, and security operations.
Advanced Diploma in Information Security
Comprehensive advanced diploma covering enterprise-level information security management, risk assessment, security architecture, and advanced cybersecurity methodologies.
A showcase of my recent work across different cybersecurity domains. Each project represents a unique challenge and solution.
Prison-Break themed Vulnerable Machines
A deliberately vulnerable machine contains Web Exploitation, misconfigurations, weak credentials, and logic flaws across Web and OS to "escape" by capturing the final flag.
Space themed Vulnerable Machines
A space-station themed Machine for Pentesting, focused on Web Exploitation, security misconfigurations, digital forensics and privilege escalation challenges within a simulated space station environment.
Custom Capture The Flag Challenges
Custom-designed Capture The Flag challenges for various skill levels. Each challenge focuses on specific cybersecurity concepts and requires creative problem-solving approaches for success.
Web based finding tool
Gfinder is a powerful search tool to find code, files, and hidden secrets instantly using powerful filters and clear visual results with displays the equivalent Linux command.
Automated reconnaissance suite for web applications
Scanix is a powerful automation tool that streamlines the initial reconnaissance phase of penetration testing. It orchestrates multiple security tools Nmap, Feroxbuster, Nikto across parallel terminals to provide comprehensive target assessment.
Collection of Pentesting Automation Scripts
Comprehensive collection of Python and Bash scripts designed to automate penetration testing workflows. Features include network scanning, vulnerability assessment, and post-exploitation modules.
LXD Privilege Escalation Exploit
Automated LXD exploitation script where users in `lxd` group allows root access through container breakout. Exploits the LXD container breakout vulnerability to gain root access on target systems.
Capture The Flag Challenge Solutions
Comprehensive collection of detailed CTF writeups featuring step-by-step exploitation techniques, vulnerability analysis, and creative problem-solving approaches from various cybersecurity competitions.
Conducted security research and developed innovative cybersecurity solutions for emerging threats. Created comprehensive penetration testing labs and vulnerable environments for training purposes. Built hands-on Capture The Flag (CTF) challenges and realistic attack scenarios. Collaborated with teams to analyze attack vectors and develop defensive strategies.
Conducting vulnerability research, penetration testing, and developing CTF challenges.
Competing in various cybersecurity competitions with focus on Offensive Security
Ready to collaborate on cybersecurity projects or discuss opportunities?
Whether you need penetration testing, security consultation, or want to collaborate on cybersecurity challenges, I'm always interested in new opportunities.