Home
Cyber security, red teaming, and CTF write-ups. Security Advisor experimenting with offensive tooling, AI-assisted pentesting, and home lab infrastructure.
Reports
Pentest reports generated from active lab engagements.
LeHack 2024 — Pentest Standard Report
Traditional markdown-rendered pentest report. Findings, evidence, timeline, host vulnerability matrix, and remediation guidance.
View Report →
LeHack 2024 — Pentest Casebook
Operator casebook style — phosphor-green CRT aesthetic, attack graph (Mermaid), TTP matrix, attack chains, and dead-end documentation.
View Casebook →
JackofAllHacks — DFIR Casebook
AI-assisted DFIR investigation (Protocol SIFT / Claude Code) of a full domain compromise. Interactive kill-chain replay, animated SVG attack graph, 42-event UTC timeline, Volatility 3 memory analysis, CloudTrail pivot, and ransomware deployment. Threat actor: Saiyan Spider. Time to Domain Admin: ~4 min.
View Casebook →
Posts
-
Experimenting with Claude Code CLI in the Home Lab 🛡️
Teaching Claude to act as an internal pentester using Proxmox + Ludus + a custom NetExec skill. Lessons learned on structure, security hygiene, and AI-assisted report generation.
-
HackTheBox — Heist
Walkthrough of the HackTheBox Heist machine. IIS on port 80, MSRPC on 135, SMB on 445, WinRM on 5985.
-
HackTheBox — Bastion
Walkthrough of the HackTheBox Bastion machine.
-
Shodan CLI — Python
Using the Shodan CLI and Python library for attack surface reconnaissance.
-
US-CERT / CISA Alert TA18-074A Detection
Detection guidance for CISA Alert TA18-074A targeting government and critical infrastructure sectors.
-
Kansa — Getting Started with PowerShell IR
Setup guide for Kansa, a modular PowerShell incident response framework for AD environments.
-
Web App Pentest Project Overview
Design framework for a governance-focused web application pentest program with OWASP scanning at scale.
-
Proposed Pentest Project Considerations
Requirements and tooling for building an internal penetration testing program aligned to MITRE ATT&CK.