Home

Cyber security, red teaming, and CTF write-ups. Security Advisor experimenting with offensive tooling, AI-assisted pentesting, and home lab infrastructure.

Reports

Pentest reports generated from active lab engagements.

LeHack 2024 — Standard Report

Traditional markdown-rendered pentest report. Findings, evidence, timeline, host vulnerability matrix, and remediation guidance.

View Report →

LeHack 2024 — Casebook

Operator casebook style — phosphor-green CRT aesthetic, attack graph (Mermaid), TTP matrix, attack chains, and dead-end documentation.

View Casebook →

Posts

Experimenting with Claude Code CLI in the Home Lab 🛡️
2026-05-23 AIPentestingHomeLab

Teaching Claude to act as an internal pentester using Proxmox + Ludus + a custom NetExec skill. Lessons learned on structure, security hygiene, and AI-assisted report generation.
HackTheBox — Heist
2020-05-16 HTBWindows

Walkthrough of the HackTheBox Heist machine. IIS on port 80, MSRPC on 135, SMB on 445, WinRM on 5985.
HackTheBox — Bastion
2020-02-07 HTBWindows

Walkthrough of the HackTheBox Bastion machine.
Shodan CLI — Python
2019-12-01 OSINTRecon

Using the Shodan CLI and Python library for attack surface reconnaissance.
US-CERT / CISA Alert TA18-074A Detection
2019-02-05 Blue TeamDetection

Detection guidance for CISA Alert TA18-074A targeting government and critical infrastructure sectors.
Kansa — Getting Started with PowerShell IR
2018-11-21 Blue TeamPowerShellIR

Setup guide for Kansa, a modular PowerShell incident response framework for AD environments.
Web App Pentest Project Overview
2018-06-01 Web AppPentesting

Design framework for a governance-focused web application pentest program with OWASP scanning at scale.
Proposed Pentest Project Considerations
2018-03-01 PentestingPlanning

Requirements and tooling for building an internal penetration testing program aligned to MITRE ATT&CK.