Whoami

Currently studying for CompTIA Security+ and Network+ certifications, completing college coursework. Open to freelance work.

Developed PowerSploit (C#) to build in-memory PowerShell loaders which use RunPE + obfuscation to execute .NET payloads. Bypassed AV runtime and scantime detection. Github repo coming soon...

Built VisualSploit (C#) to demonstrate MSBuild exploitation. Malicious .csproj files that execute code through trusted build processes. Based on that 2021 NK supply chain attack against security researchers.

Independently prototyped and developed an LLM-powered SEO analysis product for Think Big Technology, integrating a Next.js frontend with a Flask + SQLAlchemy backend. Wrote over 9,000 lines of TypeScript and Python, designed UI/UX.

Started at Think Big Technology as an IT Security Engineer. Managing security ops for two client organizations - quarterly internal penetration tests, incident response, infrastructure monitoring. Mentoring an intern on SOC operations.

Starting teaching position at The Coding Place - Python/Java/C++ for K-12 students. Turns out explaining pointers to 12 year olds can be harder than reversing malware.

Official Cobalt Strike module adapted from my HVNC project. My open source work is now being used in commercial offensive security tooling.

Reverse engineered live malware from Venom RAT, Pandora HVNC (both C# .NET). Shared IOCs with Antivirus vendors via VirusTotal.

HVNC project gaining in popularity in the open source community. Security researchers and professors started reaching out.

1,250+ followers on HackForums. 30+ sales, 100% positive. Earned thousands in generated revenue.

Truly enjoying pentesting; I fell in love with the creative process. Pwned another 9 machines (15 total) this month.

Began to practice penetration testing / offensive security. Pwned 6 machines on HTB throughout this month.

Joined HackTheBox.

Developed process hollowing with parent PID spoofing (C#). Spawns hollowed process as child of explorer.exe instead of your loader.

Fixed, modernized, and reconstructed HVNC in Tinynuke as standalone client/server (C++). Hidden desktop sessions, browser launching, remote access without the botnet overhead. Posted to GitHub.

Signed up to crackmes to learn reverse engineering. Learned Ghidra for native code, DnSpy and ILSpy for .NET apps.

Built my first RAT (C#) - delivery was basic process injection + RunPE. Learned COM hijacking for persistence. Figured out how to unhook NTDLL to dodge userland hooks.

Joined HackForums.

Self-taught Python, C#, Java, C++, web dev during COVID lockdown. Freshman/sophomore year of high school. Virtual classes meant a lot of time to code.