Independent offensive security consultant. Twenty years of engineering, eight of them deep inside MongoDB. I break database deployments, cloud estates, and AI systems under controlled conditions — then hand you the fix.
// hover the redactions — disclosure is always controlled
Capabilities
FORMAT: FINDING-STYLE
Authentication, authorization, encryption, network exposure, and operational hardening of MongoDB and Atlas deployments — reviewed by someone who spent eight years inside the vendor. Misconfigurations attackers actually exploit, not checklist noise.
Threat-intelligence-led adversary simulation for regulated environments. Built for TIBER-EU, DORA, and CBEST contexts — scoped, evidenced, and reported to the standard your regulator expects.
Offensive review of AWS, Azure, and GCP estates: identity boundaries, privilege escalation paths, data-exfiltration routes, and the cross-account trust relationships nobody documented.
Adversarial testing of LLM-backed applications: prompt injection, data leakage, tool-abuse chains, and the trust boundaries between your model, your data, and your users.
Manual, white-box review of your application source: logic flaws, authentication bypasses, injection, unsafe deserialization, and the insecure data flows scanners walk straight past. Every finding proven with a working exploit, not a static-analysis maybe.
Reverse engineering and exploitation of compiled applications and native services: memory-corruption bugs, unsafe parsing, and the trust boundaries inside the binaries your security depends on. From root cause to a reliable proof-of-concept.
Method
Targets, exclusions, escalation contacts, and legal authorization agreed in writing before a single packet moves.
Your environment mapped the way an adversary would map it — externally first, assumptions last.
Attack paths executed under agreed constraints, with full evidence capture and no production surprises.
Findings ranked by real exploitability, each with a reproduction path and a concrete fix. Debrief with your engineers, not just your auditors.
Fixes verified, residual risk stated plainly, report closed out.
Track record
Engagement models
Defined targets, defined timeline, defined deliverable. Best for MongoDB reviews, cloud architecture assessments, and AI/LLM testing.
TYPICAL: 1–3 WEEKSIntelligence-led, objective-based campaigns for regulated entities. Solo or embedded in your provider's team under TIBER-EU / CBEST frameworks.
TYPICAL: 4–12 WEEKSOngoing offensive security counsel: architecture reviews, threat modeling, secure design input, and on-call expertise for your engineering teams.
TYPICAL: MONTHLY RETAINERWriting / Research
ARCHIVE: 4 ENTRIES
In 2019 I started exploring Offensive Security as a change in career as I have spent the majority of my career in development, DevOps and Consulting.
Taking part in the H@ctivityCon CTF 2021 doing the two mobile challenges, I was able to recover the flag for two of the challenges.
Managing API Keys and Secrets when working with CLI’s can be and interesting security challenge. Keeping CLI tools logged in exposes cloud systems to exploitation of tools like ...
You might have heard that using public wifi is insecure but how insecure can it really be? Whenever you are connected to any network the data that you exchange with any other c...
Contact