Penetration Tester | Security Researcher

Building a Custom C2 Framework: Concepts and Evasion

An educational overview of command and control framework architecture, communication channels, and evasion techniques used in offensive security.

My Web Application Pentest Methodology

A practical guide to my personal web application penetration testing methodology, from reconnaissance to reporting.

Active Directory Attack Paths: From User to Domain Admin

Exploring common Active Directory attack paths including Kerberoasting, AS-REP Roasting, DCSync attacks, and how to identify them using BloodHound.

A comprehensive guide to securing artificial intelligence and large language model systems — from understanding how LLMs work to attack vectors, penetration testing, red teaming, and defense strategies.

A comprehensive guide to post-quantum cryptography — from understanding the quantum threat to NIST standards (ML-KEM, ML-DSA, SLH-DSA), lattice-based and hash-based schemes, hybrid approaches, migration strategies, and real-world implementation for the post-quantum era.

A comprehensive guide to adversary simulation and red team operations — from fundamentals and infrastructure to Active Directory attacks, cloud exploitation, stealth techniques, and purple teaming integration.

A comprehensive guide to satellite and space systems cybersecurity — from understanding satellite architecture and communication protocols to attack vectors, penetration testing, red teaming, and defense strategies for the final frontier.

Purpose-built AD environment for testing attack paths and detection rules. Multi-forest setup with realistic misconfigurations for practicing lateral movement and privilege escalation techniques.

Self-hosted CTF platform with custom challenges covering web exploitation, binary analysis, cryptography, and forensics.

Python-based network vulnerability scanner that combines port scanning, service enumeration, and CVE lookup into a single automated workflow.