Avalable for work
Avalable for work
whoami
a disciplined mind engineered for cyber offense and defense.
Background & Career
A hacker’s curiosity with a defender’s discipline.
I design and break systems to make them stronger — blending offensive operations, threat hunting, and automated tooling to outpace real-world adversaries.
From global enterprises to government systems, I’ve led red and blue team missions, aligned detection logic with MITRE ATT&CK®, and built scalable security automation.
I engineer tools that expose what others miss — from credential leaks to hidden lateral movement — turning complexity into clarity.
My work bridges offense and defense, strategy and execution, human insight and machine precision.
Security isn’t just my field — it’s my operating system.
Education & Continuous Learning
Formal education is a benchmark, but in cybersecurity, hands-on experience and problem-solving often matter more. I’ve worked directly on high-impact engagements—performing real-world attack simulations, developing detection logic, and helping clients harden their environments. I continuously expand my knowledge through research, certifications, and project-based work. While my path may not follow traditional academics, my experience delivers proven results and practical security expertise.
Core Competencies
Cyber Defense
I design defensive strategies and detection workflows that anticipate attacker behavior. From SIEM/XDR integration to compliance alignment, I ensure systems are resilient against evolving threats.
Offensive Security
I specialize in full-scope offensive operations, including reconnaissance, exploitation, and post-exploitation. My work spans manual and automated penetration testing of web apps, APIs, and internal infrastructure. Deliverables include actionable findings, PoCs, and remediation guidance aligned with PTES and OWASP standards.
Threat Hunting
I lead proactive threat hunting engagements that go beyond alerts—identifying lateral movement, misconfigurations, and stealthy attacker behaviors. Logs, telemetry, and IoCs are correlated using MITRE ATT&CK®, feeding results into scalable detection pipelines.
Automated Security Tools
I develop lightweight, efficient tools using Go, PowerShell, and Bash to automate reconnaissance, exploit chains, and detection bypass. From custom scanners to red-team utilities, my tools accelerate assessments and reduce manual effort.
Web & Infrastructure Penetration Testing
I conduct comprehensive assessments combining automated scanning with targeted manual testing. I uncover authentication weaknesses, logic flaws, and privilege escalation paths, providing actionable mitigation and business-impact analysis.
Credential Detection & Prevention
I engineered a tool to scan enterprise file shares, codebases, and documentation platforms for exposed secrets (API keys, tokens, passwords). The system uses entropy, regex, and heuristics to minimize false positives and prioritize risk-based remediation.
Enterprise Security Support
At AXA Group Operations and other major clients, I support internal red and blue teams with penetration tests, detection logic, tool integration into SIEM/XDR, and alignment with frameworks like MITRE ATT&CK®, NIST SP 800-53, and GDPR.
CHaaS: Credential Hunting as a Service
I introduced CHaaS at CPLNetwork—a continuous, strategic service blending automation and manual validation to detect credential exposures across cloud platforms, SharePoint, Git, and internal repositories. CHaaS delivers contextual risk classification, secure remediation workflows, and follow-up assurance—far beyond one-time scans.
Advanced Threat Modeling
I apply structured threat modeling to simulate attacker behavior, identify high-value targets, and expose system weaknesses, helping teams prioritize defensive measures and improve incident readiness.
Security Automation & Scaling
I build repeatable, automated security processes, including detection scripts, integration pipelines, and custom toolsets. My goal: scalable, efficient security embedded in daily operations.
User and Entity Behavior Analytics (UEBA)
I integrate behavioral analysis into security workflows to detect anomalies that bypass traditional defenses. Combining telemetry with threat modeling, I help detect credential misuse, insider threats, and stealthy persistence tactics.
Core Competencies
Cyber Defense
I design defensive strategies and detection workflows that anticipate attacker behavior. From SIEM/XDR integration to compliance alignment, I ensure systems are resilient against evolving threats.
Offensive Security
I specialize in full-scope offensive operations, including reconnaissance, exploitation, and post-exploitation. My work spans manual and automated penetration testing of web apps, APIs, and internal infrastructure. Deliverables include actionable findings, PoCs, and remediation guidance aligned with PTES and OWASP standards.
Threat Hunting
I lead proactive threat hunting engagements that go beyond alerts—identifying lateral movement, misconfigurations, and stealthy attacker behaviors. Logs, telemetry, and IoCs are correlated using MITRE ATT&CK®, feeding results into scalable detection pipelines.
Automated Security Tools
I develop lightweight, efficient tools using Go, PowerShell, and Bash to automate reconnaissance, exploit chains, and detection bypass. From custom scanners to red-team utilities, my tools accelerate assessments and reduce manual effort.
Web & Infrastructure Penetration Testing
I conduct comprehensive assessments combining automated scanning with targeted manual testing. I uncover authentication weaknesses, logic flaws, and privilege escalation paths, providing actionable mitigation and business-impact analysis.
Credential Detection & Prevention
I engineered a tool to scan enterprise file shares, codebases, and documentation platforms for exposed secrets (API keys, tokens, passwords). The system uses entropy, regex, and heuristics to minimize false positives and prioritize risk-based remediation.
Enterprise Security Support
At AXA Group Operations and other major clients, I support internal red and blue teams with penetration tests, detection logic, tool integration into SIEM/XDR, and alignment with frameworks like MITRE ATT&CK®, NIST SP 800-53, and GDPR.
CHaaS: Credential Hunting as a Service
I introduced CHaaS at CPLNetwork—a continuous, strategic service blending automation and manual validation to detect credential exposures across cloud platforms, SharePoint, Git, and internal repositories. CHaaS delivers contextual risk classification, secure remediation workflows, and follow-up assurance—far beyond one-time scans.
Advanced Threat Modeling
I apply structured threat modeling to simulate attacker behavior, identify high-value targets, and expose system weaknesses, helping teams prioritize defensive measures and improve incident readiness.
Security Automation & Scaling
I build repeatable, automated security processes, including detection scripts, integration pipelines, and custom toolsets. My goal: scalable, efficient security embedded in daily operations.
User and Entity Behavior Analytics (UEBA)
I integrate behavioral analysis into security workflows to detect anomalies that bypass traditional defenses. Combining telemetry with threat modeling, I help detect credential misuse, insider threats, and stealthy persistence tactics.
Core Competencies
Cyber Defense
I design defensive strategies and detection workflows that anticipate attacker behavior. From SIEM/XDR integration to compliance alignment, I ensure systems are resilient against evolving threats.
Offensive Security
I specialize in full-scope offensive operations, including reconnaissance, exploitation, and post-exploitation. My work spans manual and automated penetration testing of web apps, APIs, and internal infrastructure. Deliverables include actionable findings, PoCs, and remediation guidance aligned with PTES and OWASP standards.
Threat Hunting
I lead proactive threat hunting engagements that go beyond alerts—identifying lateral movement, misconfigurations, and stealthy attacker behaviors. Logs, telemetry, and IoCs are correlated using MITRE ATT&CK®, feeding results into scalable detection pipelines.
Automated Security Tools
I develop lightweight, efficient tools using Go, PowerShell, and Bash to automate reconnaissance, exploit chains, and detection bypass. From custom scanners to red-team utilities, my tools accelerate assessments and reduce manual effort.
Web & Infrastructure Penetration Testing
I conduct comprehensive assessments combining automated scanning with targeted manual testing. I uncover authentication weaknesses, logic flaws, and privilege escalation paths, providing actionable mitigation and business-impact analysis.
Credential Detection & Prevention
I engineered a tool to scan enterprise file shares, codebases, and documentation platforms for exposed secrets (API keys, tokens, passwords). The system uses entropy, regex, and heuristics to minimize false positives and prioritize risk-based remediation.
Enterprise Security Support
At AXA Group Operations and other major clients, I support internal red and blue teams with penetration tests, detection logic, tool integration into SIEM/XDR, and alignment with frameworks like MITRE ATT&CK®, NIST SP 800-53, and GDPR.
CHaaS: Credential Hunting as a Service
I introduced CHaaS at CPLNetwork—a continuous, strategic service blending automation and manual validation to detect credential exposures across cloud platforms, SharePoint, Git, and internal repositories. CHaaS delivers contextual risk classification, secure remediation workflows, and follow-up assurance—far beyond one-time scans.
Advanced Threat Modeling
I apply structured threat modeling to simulate attacker behavior, identify high-value targets, and expose system weaknesses, helping teams prioritize defensive measures and improve incident readiness.
Security Automation & Scaling
I build repeatable, automated security processes, including detection scripts, integration pipelines, and custom toolsets. My goal: scalable, efficient security embedded in daily operations.
User and Entity Behavior Analytics (UEBA)
I integrate behavioral analysis into security workflows to detect anomalies that bypass traditional defenses. Combining telemetry with threat modeling, I help detect credential misuse, insider threats, and stealthy persistence tactics.
Core Competencies
Cyber Defense
I design defensive strategies and detection workflows that anticipate attacker behavior. From SIEM/XDR integration to compliance alignment, I ensure systems are resilient against evolving threats.
Offensive Security
I specialize in full-scope offensive operations, including reconnaissance, exploitation, and post-exploitation. My work spans manual and automated penetration testing of web apps, APIs, and internal infrastructure. Deliverables include actionable findings, PoCs, and remediation guidance aligned with PTES and OWASP standards.
Threat Hunting
I lead proactive threat hunting engagements that go beyond alerts—identifying lateral movement, misconfigurations, and stealthy attacker behaviors. Logs, telemetry, and IoCs are correlated using MITRE ATT&CK®, feeding results into scalable detection pipelines.
Automated Security Tools
I develop lightweight, efficient tools using Go, PowerShell, and Bash to automate reconnaissance, exploit chains, and detection bypass. From custom scanners to red-team utilities, my tools accelerate assessments and reduce manual effort.
Web & Infrastructure Penetration Testing
I conduct comprehensive assessments combining automated scanning with targeted manual testing. I uncover authentication weaknesses, logic flaws, and privilege escalation paths, providing actionable mitigation and business-impact analysis.
Credential Detection & Prevention
I engineered a tool to scan enterprise file shares, codebases, and documentation platforms for exposed secrets (API keys, tokens, passwords). The system uses entropy, regex, and heuristics to minimize false positives and prioritize risk-based remediation.
Enterprise Security Support
At AXA Group Operations and other major clients, I support internal red and blue teams with penetration tests, detection logic, tool integration into SIEM/XDR, and alignment with frameworks like MITRE ATT&CK®, NIST SP 800-53, and GDPR.
CHaaS: Credential Hunting as a Service
I introduced CHaaS at CPLNetwork—a continuous, strategic service blending automation and manual validation to detect credential exposures across cloud platforms, SharePoint, Git, and internal repositories. CHaaS delivers contextual risk classification, secure remediation workflows, and follow-up assurance—far beyond one-time scans.
Advanced Threat Modeling
I apply structured threat modeling to simulate attacker behavior, identify high-value targets, and expose system weaknesses, helping teams prioritize defensive measures and improve incident readiness.
Security Automation & Scaling
I build repeatable, automated security processes, including detection scripts, integration pipelines, and custom toolsets. My goal: scalable, efficient security embedded in daily operations.
User and Entity Behavior Analytics (UEBA)
I integrate behavioral analysis into security workflows to detect anomalies that bypass traditional defenses. Combining telemetry with threat modeling, I help detect credential misuse, insider threats, and stealthy persistence tactics.
[INF]
ping