Designing Modular Security Platforms for Cloud · Network · Web · API · Enterprise Infrastructure
I design and build offensive security platforms that model real-world adversary behavior across cloud, network, web, and enterprise environments.
My focus is on modular security frameworks — not isolated scripts — that identify attack paths, validate security posture, and help organizations understand their actual exposure before adversaries do.
Currently working as a Penetration Tester conducting network, infrastructure, and web application assessments for large-scale enterprise environments. I also write about offensive security in Persian to bring structured, practical knowledge to the regional security community.
Open to offensive security and red team roles in Germany and Europe.
🔴 Network & Infrastructure: Attack path analysis · Protocol fuzzing · Firewall auditing · Traffic inspection
🌐 Web & API Security: SSRF · IDOR · Injection · Business logic · GraphQL · API posture assessment
☁️ Cloud Security: Misconfiguration detection · IAM exploitation · AWS · Azure · GCP
🔒 Identity & Access: Active Directory attacks · Privilege escalation · Access control validation
⚙️ Security Automation: Offensive tooling · Attack simulation · Automated vulnerability detection
Building 13 modular offensive security platforms — each covering a complete attack surface domain, built for practitioners, not compliance reports.
| Platform | Repository | Focus Areas |
|---|---|---|
| ☁️ Cloud Security | Nebula | IAM privilege escalation · IMDS credential harvest · Persistence · Role chaining · S3 exfiltration · AWS / Azure / GCP |
| 🌐 Web & API Security | Sentinel | SSRF → cloud creds · IDOR enumeration · JWT/OAuth attacks · SQL/NoSQL/SSTI injection · GraphQL exploitation |
| 📡 Network & Infrastructure | Aegis | SMB/LDAP/DNS/SNMP enumeration · Credential attacks · Lateral movement · DNS C2 tunneling · IoT/OT |
| 🔒 Active Directory | Sovereign | Kerberoasting · AS-REP roasting · DCSync · ACL abuse · Pass-the-Hash · Full AD kill chain |
| 🐳 Kubernetes & Cloud Native | Kraken | RBAC misconfig · Secret extraction · Container escape · SA token abuse · IMDS bridge · etcd access |
| 🔗 CI/CD & Supply Chain | BlackForge | GitHub Actions injection · Jenkins Groovy RCE · GitLab CI vars · ArgoCD defaults · Dependency confusion |
| 🔍 OSINT & Passive Recon | Spectre | Subdomain enumeration · Email harvesting · DNS intel · Certificate transparency · Infrastructure fingerprinting · Org footprinting |
| 🎭 Social Engineering | Mirage | Phishing page cloning · Credential harvesting · SPF/DKIM/DMARC analysis · MFA bypass simulation · Pretexting · C2 callbacks |
| 🗄️ Database Offensive | VaultBreaker | SQL injection exploitation · MongoDB/Redis/Elasticsearch unauthenticated access · Credential extraction · Data exfiltration |
| 👻 Evasion & Payload Crafting | Ghost | AMSI bypass · AV evasion encoding · Process injection · LOLBaS · Shellcode staging · EDR fingerprinting |
| 📱 Mobile Offensive | Pulse | Android APK analysis · Frida hooking · SSL pinning bypass · Intent exploitation · iOS binary analysis · Traffic interception |
| 📶 Wireless Attacks | Tempest | WPA2 handshake capture · Evil twin · Deauth · PMKID attack · RADIUS EAP exploitation · Rogue AP |
| 🔧 Physical & Hardware | Forge | BadUSB payload generation · RFID/NFC cloning · Physical recon · Lock bypass · Keylogger deployment · Hardware implants |
→ Modular architecture: Frameworks, not one-off scripts
→ Automation first: If it can be repeated, it should be automated
→ Offensive mindset: Built to find what automated scanners miss
→ Real-world simulation: Adversary behavior, not isolated CVEs
→ Practical output: Findings that security teams can actually act on
→ Clean documentation: A tool is only as good as its documentation
Languages & Scripting
Security Tooling
Cloud Platforms
Infrastructure & Frameworks
- Cloud attack path chaining across IAM, compute, and storage layers
- Network segmentation validation under adversarial conditions
- API security beyond OWASP Top 10 — authorization flaws and business logic exploitation
- Automating offensive security workflows at enterprise scale
- Writing an offensive security book in Persian — structured adversary simulation methodology
2025 – 2026: Completing and releasing the 13 security platforms
2026: Pursuing OSEE and advanced offensive certifications
Relocating to Europe — targeting senior offensive security roles in Germany
Building security platforms that model real-world adversaries and improve defensive resilience.