WORK

[ note ] sections marked “in progress” are being assembled. [12/11/2025]

A collection of offensive security projects, tooling, research notes, and ongoing work. Each entry links to a dedicated page with methodology, code samples, and documentation. Some of these are still under construction, but they'll be up in the next few days. A lot of content to format.

Active Projects

  • bomb — External Attack Surface Enumerator [in progress]
    Python · reconnaissance · automation · export formats

    A modular enumeration and validation tool for external pentests. Subdomain discovery, fingerprinting, asset classification, and automated reporting for ingestion into other tools and platforms.

  • Homelab Architecture & Adversary Simulation Lab
    Proxmox · Windows/AD · detection · lab design

    A Proxmox-based environment with a Windows domain, attacker infrastructure, and logging stack, used to rehearse full attack chains and experiment with detection logic and lab scenarios.

  • Proxmark3 Long-Range Antenna Project [in progress]
    RFID/NFC · hardware · signal testing

    Custom antenna design, tuning workflow, and signal-capture methodology for badge cloning and physical red team engagements, with notes on range testing and practical constraints.

Research & Writeups

  • Phishing & Social Engineering Research [in progress]
    psychology · tradecraft · simulation

    Notes and experiments from building and running phishing and social engineering campaigns, focusing on psychological principles, lures, pretext development, and how organizations actually respond.

  • Lab-Recreated Vulnerabilities & Exploit Notes [in progress]
    web · auth bypass · injections · business logic

    De-identified recreations of interesting findings from past tests, rebuilt in a lab environment. Includes vulnerable code examples, exploitation steps, and remediation notes.

  • Cloud IAM Attack Paths [in progress]
    AWS/Azure · IAM · privilege escalation

    Exploration of common IAM misconfigurations, enumeration techniques, and escalation paths in cloud environments, with lab scenarios and practical guidance for both attackers and defenders.

Other Work & Experiments

  • COBOL & Legacy Systems Notes [in progress]
    legacy computing · old languages

    Experiments and study notes from learning COBOL and exploring how legacy systems behave, with an eye toward security implications and long-lived infrastructure.

  • Film Photography · Field Logs [in progress]
    35mm · FM3a · analog documentation

    Selected film shots and notes from travel, homelab building, and red team life on the road, part of the joy of observation and documentation.