I work in offensive security with a focus on web application exploitation and structured penetration testing methodology. My work centers on understanding how systems fail — not just locating vulnerabilities, but tracing them back to the design decisions that made them possible.
Most of my current work involves CTF environments and lab-based research, with a deliberate focus on building methodology over collecting flags. Each writeup I publish is meant to document not just the exploit path, but the reasoning process — how the attack surface was scoped, what was enumerated, and why specific vectors were prioritized.
I'm progressing toward the OSCP certification, which aligns with my focus on structured, manual exploitation techniques over tool dependency. The lab environment forces disciplined enumeration and creative problem-solving under constraint — both of which are the actual skills that matter in the field.
My longer-term goal is to work in red team operations or offensive consulting, where the objective is to think and operate as an adversary against well-defended targets. I'm less interested in automated scanning outputs and more interested in understanding the systems deeply enough to find what automated tools miss.
This site is a working record of that development — not a polished marketing artifact. The writeups reflect real analysis at a junior level, with the expectation that the quality and complexity of the work improves over time.