Cybersecurity Projects

Established a virtualized Active Directory lab to execute advanced attacks and utilized C2 frameworks for post-exploitation.

Building a custom command & control (C2) agent in Rust to research memory-safe offensive tooling and asynchronous communication.

Engineered custom detection rules and decoders for Wazuh SIEM to identify advanced threats by integrating CTI feeds for proactive threat hunting.

Internal penetration test of the “Search” environment to evaluate internal Active Directory security and identify attack paths to domain compromise.

Internal penetration test focused on an environment using Puppet (configuration management) to determine whether automation tooling and infrastructure could be abused for lateral movement and domain takeover.

A write-up / walkthrough of a Hack The Box Active Directory exercise called Office. The post documents the author’s step-by-step offensive workflow from recon to full domain compromise and explains several real-world AD techniques.