██████╗██╗ ██╗██████╗ ███████╗██████╗ █████╗ ██╗███████╗██╗ ██╗ ██╔════╝╚██╗ ██╔╝██╔══██╗██╔════╝██╔══██╗██╔══██╗███║██╔════╝╚██╗██╔╝ ██║ ╚████╔╝ ██████╔╝█████╗ ██████╔╝███████║╚██║█████╗ ╚███╔╝ ██║ ╚██╔╝ ██╔══██╗██╔══╝ ██╔══██╗██╔══██║ ██║██╔══╝ ██╔██╗ ╚██████╗ ██║ ██████╔╝███████╗██║ ██║██║ ██║ ██║███████╗██╔╝ ██╗ ╚═════╝ ╚═╝ ╚═════╝ ╚══════╝╚═╝ ╚═╝╚═╝ ╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝
[ Penetration Tester | AD Exploitation | Web App Security | Top 1% TryHackMe ]
I'm a penetration tester focused on Active Directory exploitation, web application security, and network assessments. I don't read about attack techniques — I build the environments, run the attacks, and write the reports.
- 🏆 Top 1% globally on TryHackMe — ranked against tens of thousands of active practitioners
- 🏗️ Built a Proxmox enterprise AD lab — full kill chains from initial access to domain compromise
- 🧰 Currently building Codex-Jinx — a personal dashboard to wrangle recon notes, exploit logs, and assessment tracking (because sticky notes don't scale)
- 📋 Produce written pentest reports with CVSS-scored findings and remediation — not just screenshots
- 🎓 Trained across TryHackMe · HackingHub · HackSmarter · WebSploit Labs · OWASP Juice Shop and Omar Santos' Art of Hacking (26+ hrs, OSCP-aligned)
- 📜 CompTIA Security+ · Network+ · ISC2 CC · Cisco Ethical Hacker · TryHackMe Jr. Penetration Tester (PT1) → pushing toward OSCP
The tools I actually use in lab work and assessments
Exploitation & Active Directory
Web Application
Reconnaissance & Cracking
Languages & Scripting
Infrastructure & Tools
Operating Systems
| Project | Description | Stack |
|---|---|---|
| AD Attack Lab | Multi-domain Proxmox environment — Kerberoasting, Pass-the-Hash, BloodHound attack path mapping, lateral movement end-to-end | Proxmox · Windows Server · Kali |
| Codex-Jinx | Personal ops dashboard — recon notes, exploit logs, and assessment tracking. Built because sticky notes don't scale. | JavaScript · Python |
| WebSploit Practice | 500+ exercises across Juice Shop, WebGoat, DVWA and custom Omar Santos labs targeting SQLi, SSRF, deserialization, GraphQL | Docker · Burp Suite · Kali |
| Pentest Reports | Structured assessment write-ups with CVSS scoring and remediation recommendations — mirroring real client deliverables | Markdown |
"The quieter you become, the more you are able to hear." — Kali Linux
"Hackers are breaking the systems for profit. Before, it was about intellectual curiosity and the pursuit of knowledge." — Kevin Mitnick
"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards." — Gene Spafford
"Security is always excessive until it's not enough." — Robbie Sinclair
"In security, the first thing you have to do is enumerate." — every pentester ever
> Currently: enum → exploit → escalate → report → repeat
Open to junior penetration tester roles and red team internships | South Africa | Remote-ready