CVEs. Pro Labs. Compromised Domains.
Every entry here is a real operation — published CVE research, top-tier adversary simulation labs completed, and CTF attack chains documented from first foothold to full domain compromise.
Adversary Simulation at Operator Level
Full Network Compromise via Lateral Movement
Enumeration to Domain Compromise, Documented
Advanced AD Persistence & Credential Dumping
Completed HackTheBox Dante Pro Lab — pivoted through segmented networks, escalated privileges across Windows and Linux hosts, and achieved full domain admin via AD abuse chains.
Completed RastaLabs — hardened Active Directory environment with EDR evasion, Kerberoasting, DCSync, and multi-stage persistence across a simulated enterprise forest.
Multiple CTF wins with published attack chains — each write-up covers recon, initial access, privilege escalation, and post-exploitation methodology against hardened targets.
Original Vulnerability Discoveries
Published CVEs from independent security research — each backed by a full technical write-up covering discovery, exploitation proof-of-concept, and remediation.
Unauthenticated Remote Code Execution
Privilege Escalation via Misconfigured Service
Active Directory LDAP Injection & Enumeration Bypass
Discovered a pre-auth RCE vulnerability in a widely deployed enterprise application. Full PoC developed, responsibly disclosed, and CVE assigned. Write-up covers exploit chain end-to-end.
Identified a local privilege escalation path in a Windows service due to insecure file permissions. Exploitation achieves SYSTEM-level access. Patch and timeline documented in write-up.
Uncovered an LDAP injection flaw enabling unauthenticated AD object enumeration. Demonstrated user and group extraction without valid credentials. Responsible disclosure coordinated with vendor.
This is the record. Ready to add yours.
CVE discoveries and Pro Lab completions on file. If your environment needs an operator who has already broken through hardened networks, the engagement starts here.