About
What do I do and what have I done?
This blog was initially started when I was in university to document my efforts in Capture The Flag (CTF) and wargame events, research into software exploitation. Over the years since university, my focus gradually drifted to developing tools to facilate penetration testing projects, which were published on my GitHub account. Over time, I stopped pushing content to this blog as I contributed to internal blogs and testing methodologies.
I am a principal security consultant at a cyber security firm and have been working at in the firm’s penetration testing team for over 8 years. Over the course of the 8 years, I honed my skills across many different penetration testing disciplines, and became the firm’s lead Subject Matter Expert (SME) for 2 service offerings:
- Wireless penetration testing, covering Wi-Fi, Bluetooth, RFID, NFC and other forms of wireless communication
- Environment breakout testing, covering breaking out of restricted systems, such as Citrix and RDS ecosystems
Ultimately as SME lead, my role is to help shape and continuly improve the service offerings under my charge, to ensure our customers can understand their threat landscape and address security risks.
As I begin to post to this blog again, I will be sharing my personal research, tooling, and thought leadership especially in the areas of wireless and Active Directory (AD) security.
Disclaimer: The thoughts and opinions are my own and not views of my employer.
How to approach me
My resources
Support
The best way to contact me about issues or bugs encountered with wireless tooling is to raise a issue ticket in the affected tool’s GitHub repo. For all other communication, email directly or DM on twitter.
