I'm a Senior & Certified Red Team Operator and Offensive Security Specialist with hands-on experience in Adversary Simulation, Penetration Testing (Web, Mobile, API, Infra & Wi-Fi), and exploit development.
I've worked with major security firms and hold advanced certifications such as CRTO, eWPTXv2, DCPT and SYCP. I’m also credited with multiple CVEs, showcasing my offensive research capabilities.
<aside> <img src="/icons/info-alternate_gray.svg" alt="/icons/info-alternate_gray.svg" width="40px" /> Social:
Beacons:
f4_zzz - Link in Bio & Creator Tools | Beacons
YouTube:
</aside>
Actionable insights, hard-earned lessons, and original perspectives on offensive security from advanced red team tradecraft to real-world exploitation techniques.
CVE-2023-27218 — Shotcut XXE → SSRF via Malicious .mlt Project Files | Notion
Linux Privilege Escalation | Notion
Linux | /etc/passwd & /etc/shadow | Notion
Mobile Pentest Environment Setup Guide | Notion
Trello - Information Leakage | Notion
Custom labs I’ve created for the “https://boitatech.com/” Community CTF and personal study. These labs are designed to simulate real-world attack scenarios for learning and challenge-based training.
F4Tools Write-Up | AratuCTF | Notion
Python SSS | Python Super Secure Server | Notion
Python SSB | Python Super Secure Bot | Notion
PHP SSS Write-Up | AratuCTF | Notion
Detailed walkthroughs of CTF challenges, and advanced lab environments.