skip to content

$ cat ./uses

Public minimum. Full stack and operational configuration stay on the OPSEC side — I don't disclose what runs on a specific engagement.

# certifications

6 passed · 1 in progress · 1 next · 1 goal
  • OSCP passed
    Offensive Security Certified Professional
    OffSec
    end-to-end: recon, privesc, pivoting, manual exploit, reporting
  • eWPTX passed
    Web Application Penetration Tester eXtreme
    INE / eLearnSecurity
    advanced web appsec, bypasses, bug chains
  • BSCP passed
    Burp Suite Certified Practitioner
    PortSwigger
    hands-on Burp Pro exam — logic, auth, chaining
  • C-AI/MLPen passed
    Certified AI/ML Pentester
    The SecOps Group
    prompt injection, model stealing, data poisoning, LLM appsec
  • AIRTP+ passed
    AI Red Team Professional Plus
    Learn Prompting
    LLM risk, jailbreak/exfil test design, guardrails
  • BTL1 passed
    Blue Team Level 1
    Security Blue Team
    incident triage, hunting, detection rules, playbooks
  • OSAI in progress
    Offensive Security AI
    OffSec
    currently sitting — AI red team per OffSec
  • OSWE next
    Offensive Security Web Expert
    OffSec
    next exam — advanced web pentest / source-code review
  • OSCE³ goal
    OffSec Certified Expert (OSEP + OSWE + OSED)
    OffSec
    end goal — trifecta: AD exploitation + web + exploit dev

OSAI in progress. OSWE next. OSCE³ (OSEP + OSWE + OSED) — end goal. Full status → /path .

# methodology

  • Web / API — OWASP WSTG, OWASP ASVS
  • Threat modeling — MITRE ATT&CK, STRIDE
  • Hardening — CIS Benchmarks (AD / Linux)
  • Email security — SPF / DKIM / DMARC
  • Threat intel — STIX / TAXII (CSIRT collaboration)
  • Reporting — risk-based + technical appendix

# public stack

  • Burp Suite Professional
  • Nessus Professional
  • ProjectDiscovery (nuclei / httpx / naabu)
  • Nmap
  • Python · Bash · PowerShell

Tooling outside this list — no comment. Specific selection per engagement is set in the ROE.

# work formats

  • MDX / Markdown (write-ups)
  • Obsidian (external memory)
  • Git (notes + code versioning)

last updated: 2026-06 · contact: email