$ cat ./uses
Public minimum. Full stack and operational configuration stay on the OPSEC side — I don't disclose what runs on a specific engagement.
# certifications
6 passed · 1 in progress · 1 next · 1 goal
- OSCP passedOffensive Security Certified ProfessionalOffSecend-to-end: recon, privesc, pivoting, manual exploit, reporting
- eWPTX passedWeb Application Penetration Tester eXtremeINE / eLearnSecurityadvanced web appsec, bypasses, bug chains
- BSCP passedBurp Suite Certified PractitionerPortSwiggerhands-on Burp Pro exam — logic, auth, chaining
- C-AI/MLPen passedCertified AI/ML PentesterThe SecOps Groupprompt injection, model stealing, data poisoning, LLM appsec
- AIRTP+ passedAI Red Team Professional PlusLearn PromptingLLM risk, jailbreak/exfil test design, guardrails
- BTL1 passedBlue Team Level 1Security Blue Teamincident triage, hunting, detection rules, playbooks
- OSAI in progressOffensive Security AIOffSeccurrently sitting — AI red team per OffSec
- OSWE nextOffensive Security Web ExpertOffSecnext exam — advanced web pentest / source-code review
- OSCE³ goalOffSec Certified Expert (OSEP + OSWE + OSED)OffSecend goal — trifecta: AD exploitation + web + exploit dev
OSAI in progress. OSWE next. OSCE³ (OSEP + OSWE + OSED) — end goal. Full status → /path .
# methodology
- Web / API — OWASP WSTG, OWASP ASVS
- Threat modeling — MITRE ATT&CK, STRIDE
- Hardening — CIS Benchmarks (AD / Linux)
- Email security — SPF / DKIM / DMARC
- Threat intel — STIX / TAXII (CSIRT collaboration)
- Reporting — risk-based + technical appendix
# public stack
- Burp Suite Professional
- Nessus Professional
- ProjectDiscovery (nuclei / httpx / naabu)
- Nmap
- Python · Bash · PowerShell
Tooling outside this list — no comment. Specific selection per engagement is set in the ROE.
# work formats
- MDX / Markdown (write-ups)
- Obsidian (external memory)
- Git (notes + code versioning)
last updated: 2026-06 · contact: email