About Me
Hi, RogueSec is the name and Penetration Testing is my game. After completing the Certified Penetration Tester (CPTS) certification from Hack the Box, I decided to showcase all my accomplishments and work so far on one page. If you are a hiring manager, recruiter, or have any questions, please don’t hesitate to reach out to me via email.
Projects
Command Injection payloads for Linux and Windows
This project includes various lists of commands to inject into vulnerable web applications hosted on either Linux or Windows. The commands are separated into distinct payloads to facilitate differing stages of testing for Command Injections. Some payloads allow for testing of the ‘whoami’ command, while others allow attackers to test for various obfuscations of spaces or operators. My personal favorites are the Operators-Base64-* payloads, which allow an attacker to inject any command simply by using a Base64-encoded version of the command and using it in the payload. I have found that this technique is the jackpot of Command Injection attacks.
A set of scripts to install common, but not default, penetration testing tools in Kali Linux
This set of scripts installs penetration testing tools that are not installed by default in Kali Linux and organizes the tools into folders. These scripts come in handy when installing a fresh version of Kali Linux, including when accidentally breaking your Kali VM (which of course has never happened to any of us).
HTB Pro Labs
Offshore
Level 2 Red Team Operator
Intermediate-level red team simulation featuring interactive users and modern, hardened operating systems.
Offshore Pro Lab is an advanced infrastructure lab that simulates the look and feel of a real-world corporate network.
Zephyr
Level 1 Red Team Operator
Intermediate-level red team simulation Active Directory environment
Zephyr is an intermediate-level red team simulation environment, designed to be attacked as a means of learning and honing your engagement skills and improving your active directory enumeration and exploitation skills. Zephyr includes a wide range of essential Active Directory flaws and misconfigurations to allow players to get a foothold in corporate environments.
Dante
Level 1 Red Team Operator
Beginner-level red team simulation featuring common vulnerabilities, misconfigurations, and attack paths seen in real engagements.
Dante is a modern and beginner-friendly Pro Lab that provides the opportunity to learn common penetration testing methodologies and gain familiarity with tools included in the Parrot OS Linux distribution.
Certifications
CPTS
Certified Penetration Testing Specialist
A highly hands-on certification that assesses the candidates' penetration testing skills
Hack the Box Certified Penetration Testing Specialist certification holders will possess technical competency in the ethical hacking and penetration testing domains at an intermediate level. They will also be able to assess the risk at which an infrastructure is exposed and compose a commercial-grade as well as actionable report.
eCPPTv2
eLearnSecurity Certified Professional Penetration Tester
A practical, hands-on certification exam designed for professional Penetration Testers and Ethical Hackers.
The eCPPTv2 certification exam assesses and validates that the individual has the knowledge, skills, and abilities required to fulfill the role of a modern Penetration Tester.
eJPTv1
eLearnSecurity Junior Penetration Tester
A hands-on, entry-level Red Team certification that simulates skills utilized during real-world engagements.
The eJPT certification exam covers Assessment Methodologies, Host and Network Auditing, Host and Network Penetration Testing, and Web Application Penetration Testing.
Learn Python 3
Learn the basics of Python 3
Learn Python 3 from Codecademy teaches the basics of Python 3, one of the most powerful, versatile, and in-demand programming languages today.
A Little More About Me
Alongside my interests in penetration testing, some of my other interests and hobbies are:
- Retrowave Music
- Gaming
- Bitcoin
- Adobe Photoshop