Open-source offensive tooling, lab research, and real engagement work — all public. The polished, client-facing deliverables live in the access-controlled Portfolio.

Open-Source Tools

pentest-toolkit

Python toolkit for offensive engagements — recon automation, Active Directory enumeration, and report scaffolding. Python · Active Directory · Recon

offensive-recon

OSCP-style recon and triage — nmap orchestration, service enumeration, and credential-hunting scripts. Bash · PowerShell · Nmap

Offensive_Security_Journey

My methodology, Active Directory attack playbooks, and box writeups — the documented path from SOC to pentester. Methodology · Writeups

Lab & CTF Record

49+ machines rooted across HackTheBox (Top 3% globally), TryHackMe, and OffSec Proving Grounds — with a focus on Active Directory attack paths: Kerberoasting, DCSync, BloodHound path analysis, and lateral movement.

→ Read the Writeups · Browse the Methodology

Engagements

Internal Network Penetration Test — a scoped, full-lifecycle internal engagement (reconnaissance → enumeration → exploitation → privilege escalation) using Nmap and Metasploit, within defined rules of engagement. Delivered 7 findings (1 critical, 6 high) in a CVSS-scored professional report with an executive summary and prioritized remediation.

Sanitized report samples and polished deliverables are available in the Portfolio on request.

Work With Me

OSCP+ certified, focused on Active Directory and internal-network attacks, with a detection-aware edge from Tier 2 SOC experience. Open to penetration-testing roles (US — remote or relocation).