I am an Offensive Security Enthusiast specializing in Web, API, and Google Cloud Platform (GCP) testing. When I am not hunting for vulnerabilities, I am building automated infrastructure and dabbling in cloud engineering with GCP.
- I'm currently learning Red Team Operations
- I participate and blog some CTF Challenges here: dev.to/davidonlinearchive
- I enjoy writing Offensive security tools
- I'm looking to collaborate with Cyber Security Enthusiasts and Hackers
A virtualized offensive security environment built to simulate a corporate infrastructure. It allows for the safe execution of Kerberos-based attacks and the study of privilege escalation within a Windows domain.
Key Features:
- Isolated VM-to-VM communication with controlled internet access
- Integrated BloodHound and Neo4j to identify and map privilege escalation paths
- Modular design allowing for the addition of multiple Windows clients and attack nodes
Technologies: Windows Server 2019, BloodHound, PowerShell, Kali Linux, Impacket
Repo: Active-Directory-Lab
A directory enumeration tool designed for rapid path discovery and security assessment of web applications.
Key Features:
- Utilizes Go worker pools and goroutines for performant, multi-threaded discovery
- Implemented mutex synchronization to prevent data conflicts across workers
Technologies: Golang, Goroutines, HTTP
Repo: sdirb
An automated Terraform project to deploy a secure, Debian web server on Google Cloud Platform.
Key Features:
- Provisions a secure web server environment with a single command
- Implements automated setup for isolated environments and key security tools
Technologies: Google Cloud, Terraform, Debian
Repo: gcp-terraform-starter
Go Bash Rails HTML PowerShell Python Postgres
Google Cloud Microsoft Azure Arch Linux Debian Kali Linux Windows