All posts
Writing about offensive security, tooling, automation, career, and whatever else is on my mind.
Abusing MSBuild for Defense Evasion: A Detection Engineering Playbook
MSBuild is a trusted Microsoft binary that ships with every Windows installation — and it's a favorite tool for adversaries looking to execute arbitrary code…
Building a Custom C2 Channel Over DNS: Lessons from the Lab
Off-the-shelf C2 frameworks are powerful, but they come with known signatures. When you need to blend into normal network traffic, building your own channel is…
Using LLMs to Accelerate Recon: What Works, What Doesn't
I integrated GPT-4 into our red team reconnaissance and vulnerability triage workflow and cut manual effort by roughly 30%. Here's exactly how I did it, what…
Running 15 Purple Team Tests a Month: My Framework
Purple teaming at scale requires structure. When you're running roughly 15 tests per month across a large enterprise, you can't afford to wing it — but you also…
From PwC Auditor to Red Team Operator: A Non-Linear Career Path
People ask me all the time how I went from auditing pension funds at PwC to breaking into enterprise networks for a living. The honest answer is: slowly, and…
Smart Contract Auditing for Red Teamers: Where to Start
The overlap between offensive security and smart contract auditing is bigger than you think. If you can find vulnerabilities in web applications and APIs, you…