AVAILABLE FOR ENGAGEMENTS

KhubabAhmed

PENETRATION TESTER

PJPT-certified penetration tester with deep expertise in Windows internals, privilege escalation, Active Directory attacks, and malware development — finding the paths attackers exploit before they do.

PJPT CERTIFIED
khubab@pentest:~$bash
$ whoami
khubab-ahmed :: offensive-security
$ cat /etc/specialties
[+] Network & Web Penetration Testing
[+] Windows Privilege Escalation
[+] Active Directory Attacks
[+] Malware Dev & Evasion Research
[+] Digital Forensics & DFIR
$ cat recent.log
[✓] PJPT Certified · Dec 2025
[✓] Windows PrivEsc · Jun 2026
$ ./availability.sh
[✓] Open for red team & engagements
$
0+
Years Experience
0+
Certifications
0+
Assessments Done
0+
Security Tools Built
UNIQUE VALUE

Why Work With Me

Three things that separate this profile from every other "cybersecurity specialist" on your list.

CERTIFIED

PJPT Certified Pentester

Passed TCM Security's practical 5-day external network penetration test — real-world exploitation, AD compromise, and professional reporting under exam conditions.

External network recon & exploitation
Active Directory compromise chain
Client-facing pentest report
DUAL DOMAIN

Offensive + Forensics Depth

Rare combination of attacker and investigator perspective — I build malware AND analyse it, perform pentests AND respond to incidents. This dual lens finds what single-domain testers miss.

Windows malware development (C/C++)
DFIR investigations & memory forensics
Reverse engineering malicious binaries
BUILDER

Tool Builder Mindset

When off-the-shelf tools fall short, I build my own — custom C2 loaders, compliance automation, forensic utilities. Every tool is built to solve a specific real-world problem.

Nether's Gate — custom shellcode loader
SUMCESA — Cyber Essentials automation
Windows Write Blocker — forensic tool
PROFICIENCY

Technical Skills

Validated through certifications, real engagements, CTF competitions, and continuous lab practice.

Penetration Testing90%
Windows Privilege Escalation85%
Active Directory Attacks80%
Web App Security82%
Malware Analysis80%
Reverse Engineering72%

TOOL ARSENAL

Kali LinuxBurp SuiteMetasploitWiresharkIDA ProGhidraVolatilityAutopsyC/C++PythonPowerShellx64dbgNmapBloodHoundRubeusMimikatzCrackMapExecWinPEASPowerUpImpacketNucleiSQLMapYARASysinternals
STRUCTURED TRAINING

Featured Courses

52+ weeks of rigorous structured training covering every layer of offensive security and digital forensics.

Offensive Security

Ethical Hacking Masterclass

16
weeks
40
modules
PrivEsc · Completed

Windows Privilege Escalation

4
weeks
20
modules
Malware Dev

Windows Malware Development

20
weeks
100
modules
All 4 Courses
SERVICES

What I Offer

Specialised offensive and defensive security services — from initial foothold to full forensic investigation.

Penetration Testing

Full-scope black/grey/white-box engagements across networks, web apps, and Active Directory — following PTES & OWASP.

Red Team Operations

Adversary simulation — phishing, persistence, lateral movement, AD compromise, and ATT&CK-mapped objective reporting.

Vulnerability Assessment

Automated scanning + manual verification with CVSS-scored, prioritised remediation reporting and optional re-test.

Malware Analysis

Static and dynamic reverse engineering — IOC extraction, behavioural analysis, YARA rules, and threat intel reports.

Digital Forensics & DFIR

Incident triage, memory and disk acquisition, timeline reconstruction, and court-ready forensic investigation reports.

Security Research

Original vulnerability research, CVE discovery, proof-of-concept development, and responsible disclosure writeups.

Explore Services
PROJECTS

Featured Work

Security tools, forensic utilities, and research projects built from scratch to solve real problems.

Nether's Gate

PRIVATE

Custom C/C++ shellcode loader implementing AES/RC4 payload encryption, process injection, and sandbox evasion for red-team engagements.

C++ShellcodeEvasion

SUMCESA

Cyber Essentials compliance automation — correlates installed software against NVD/CVE databases and generates CVSS-scored PDF reports.

PythonFlaskCVE
View Source

Windows Write Blocker

Registry-level forensic write-blocker for Windows — preserves evidence integrity during acquisition with chain-of-custody CSV logging.

PythonForensicsDFIR
View Source
All 7 Projects
Kali LinuxBurp SuiteMetasploitWiresharkIDA ProGhidraVolatilityAutopsyC/C++PythonPowerShellx64dbgNmapBloodHoundRubeusMimikatzCrackMapExecWinPEASPowerUpImpacketNucleiSQLMapYARASysinternalsKali LinuxBurp SuiteMetasploitWiresharkIDA ProGhidraVolatilityAutopsyC/C++PythonPowerShellx64dbgNmapBloodHoundRubeusMimikatzCrackMapExecWinPEASPowerUpImpacketNucleiSQLMapYARASysinternals
CURRENTLY AVAILABLE

Ready to Test Your Defences?

Penetration test, red team engagement, malware analysis, or forensic investigation — let's define the scope and start finding what needs fixing before attackers do.