Profile

I started my career working on Linux systems and enterprise infrastructure, learning how production environments actually operate, from server deployments and network operations to identity management and access control. Over time, that operational exposure sparked a deeper interest in offensive security, shifting the focus from keeping systems running to understanding the techniques attackers use to break into complex environments. That curiosity eventually pulled me towards penetration testing and adversary simulation, where lab environments became a constant proving ground for intentionally breaking networks, recreating real-world attack scenarios, and carefully documenting lessons learned along the way. Coming from an infrastructure background brings a different lens when approaching testing, emphasizing attack paths, misconfigurations, operational blind spots, and the kinds of mistakes that surface in live enterprise environments.

My technical focus centers on internal network compromise, Active Directory abuse, privilege escalation, post-exploitation tradecraft, and modern web attack surfaces. Regular practice includes credential harvesting, lateral movement, Kerberos attacks, misconfigured delegation abuse, persistence techniques, authentication flaws, and API weaknesses across network, Active Directory, and web application environments inside controlled lab setups and simulated engagements. Most learning happens through hands-on experimentation, running local labs, participating in CTF platforms, and publishing detailed write-ups to sharpen both technical execution and communication. The long-term goal is to work as a penetration tester or red team operator, contributing to stronger defenses by simulating realistic attacks and helping organizations close the gaps attackers rely on.