SERVICES

What I Offer

Comprehensive offensive and defensive security services for modern organisations.

Penetration Testing

1–4 Weeks

Full-scope black, grey, and white-box engagements across web apps, APIs, internal networks, and Active Directory environments — following PTES and OWASP standards.

FEATURES

Web Application & API Testing
Internal Network Penetration
Active Directory Attacks
Windows Privilege Escalation

TOOLS

Burp SuiteNmapMetasploitBloodHoundWinPEASCrackMapExec
Enquire

Digital Forensics & DFIR

Variable (Emergency Response)

Incident response and forensic analysis to investigate breaches, recover critical evidence, and reconstruct attack timelines.

FEATURES

Memory Analysis
Disk Forensics
Timeline Analysis
Evidence Preservation

TOOLS

AutopsyVolatilityFTKWiresharkElastic Stack
Enquire

Malware Analysis

3–7 Days

Static and dynamic analysis of malicious software to extract IOCs, understand capabilities, and develop detection mechanisms.

FEATURES

Static Analysis
Dynamic Analysis
Reverse Engineering
IOC Extraction

TOOLS

IDA ProGhidrax64dbgYARAAny.run
Enquire

Security Research

2–8 Weeks

Original vulnerability research, CVE discovery, and writeup publication — turning findings into actionable intelligence.

FEATURES

CVE Discovery
Vulnerability Research
Technical Writing
Community Contribution

TOOLS

IDA ProGhidraFuzzing FrameworksCustom Tooling
Enquire

Vulnerability Assessment

1–2 Weeks

Systematic scan-to-exploit cycle identifying security weaknesses across infrastructure and web environments.

FEATURES

Automated Scanning
Manual Verification
Risk Scoring
Remediation Planning

TOOLS

NessusOpenVASNmapNiktoCustom Scripts
Enquire

Red Team Operations

2–6 Weeks

Full adversary simulation — from initial phishing and foothold to lateral movement, Active Directory compromise, and objective-based reporting.

FEATURES

Phishing & Social Engineering
Lateral Movement
Active Directory Attacks
Persistence & C2

TOOLS

Cobalt StrikeHavocBloodHoundRubeusMimikatzCrackMapExec
Enquire
METHODOLOGY

How I Work

Every engagement follows a structured, transparent methodology — no surprises, just results.

01

Scoping

Define objectives, rules of engagement, in-scope targets, and success criteria together before anything begins.

02

Recon

Passive OSINT gathering, active enumeration, and full attack-surface mapping across all declared target vectors.

03

Exploitation

Controlled, evidence-based exploitation of discovered vulnerabilities to measure real-world impact and blast radius.

04

Reporting

CVSS-scored findings, proof-of-concept evidence, executive summary, and a prioritised remediation roadmap.

Need a Custom Engagement?

Every environment is different. Reach out to discuss tailored scope, timeline, and pricing.

Get In Touch