Certifications

  • OSCP Offensive Security Certified Professional
  • AWS Certified Security - Specialty
  • AWS Certified Cloud Practitioner
  • GCFR GIAC Cloud Forensics Responder
  • Microsoft Certified Azure Security Engineer Associate
  • CCA-V Citrix Certified Associate - Virtualization
  • CMNO Cisco Meraki Network Operator

Mentorship

One of the most rewarding parts of my journey has been mentoring others. I’ve been grateful to guide and support a number of people who went from zero to hero, throwing themselves into hacking with no prior experience, and now absolutely crushing it in the security world.

Watching their growth and success is a constant reminder of how much we can all achieve together through sharing knowledge, working together, and supporting each other.

Don’t be shy. Feel free to reach out on LinkedIn if you want to connect or chat!

Public Disclosures & CVEs

I tend to stay out of the spotlight and usually disclose vulnerabilities anonymously or request to stay anonymous. Here are a couple of semi-recent findings 🙂.

Unauthenticated OS Command Injection in stamparm/maltrail

Description

Maltrail <= v0.54 is vulnerable to unauthenticated OS command injection during the login process.

CVSS 3.x Severity: Critical (10)

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CVE-2021-29996

Description

Mark Text through 0.16.3 allows attackers arbitrary command execution. This could lead to Remote Code Execution (RCE) by opening .md files containing a mutation Cross Site Scripting (XSS) payload.

CVSS 3.x Severity: Critical (9.6)

Open source projects

revshells.com

CTFs

I’ve retired from doing CTFs after a great run, including peaking at #3 on the TryHackMe leaderboard and having the fortunate pleasure of working as a consultant at TryHackMe.

Along the way, I’ve had the privilege of meeting some incredible people — fellow enthusiasts, professionals, and mentors — who inspired and challenged me to grow.

While I no longer have the free time, those experiences will always hold a special place in my journey.

If you’re looking for my old writeups, maybe try taking a trip way back… you know where to find them, right? 😄

TryHackMe

TryHackMe

Hack The Box

Hack The Box