Cybersecurity Expert

Simulating real-world attacks to engineer resilient, intelligence-driven defenses.

Offensive & Defensive | Threat Hunting | Red Teaming | Vulnerability Research

I am a cybersecurity expert specializing in ethical hacking, digital defense, and vulnerability assessment. My primary focus is on proactively identifying and mitigating risks before they can be exploited by malicious actors. I am strongly committed to safeguarding digital assets and anticipating adversarial tactics to remain one step ahead.

In addition to my cybersecurity expertise, I have a solid background in software development. I design and implement Python-based tools for automation, threat intelligence, and SIEM optimization. By integrating security and software engineering, I deliver efficient, resilient, and intelligent defense solutions.

I've been pursuing this journey with passion since 2022.

Terminal — secwexen@kalilinux: ~/system-audit
┌──(secwexen㉿kalilinux)-[~/system-audit]
└─$ sudo lynis audit system
[sudo] password for secwexen: **********

[INFO] Starting system audit (lynis 3.1.0)...
[] Core system checks completed
[] Network interfaces analyzed: eth0, wlan0
[] Security controls detected: nftables, apparmor, fail2ban

[INFO] Vulnerabilities and warnings:
    ├─ CVE-2024-6387: OpenSSH regreSSHion (system vulnerable)
    ├─ Kernel outdated: 6.5.0 (latest stable: 6.8.x)
    └─ SSH PasswordAuthentication enabled (weak security)

[] Hardening actions applied:
    ├─ SSH: PasswordAuthentication disabled
    ├─ Fail2ban: ssh jail enabled and restarted
    └─ Sysctl: net.ipv4.conf.*.rp_filter set to strict

[] Firewall rules verified (nftables active, inbound default deny)
[] AppArmor profiles enforced
[] AIDE integrity database updated
[] Report saved to /var/log/lynis-report.dat

Expertise Summary

Offensive & Defensive Security

Red/Blue team simulations, vulnerability assessments, and exploit development.

Rust & Python Engineering

Tools for automation, threat intelligence, and SIEM optimization.

OSCP Prep | Threat Hunting | SIEM

Hands-on labs, log analytics, and detection engineering.

CTF Creator & Participant

Designing and hosting Jeopardy and Attack-Defense challenges.

Focus Areas & Learning Path

Offensive Security

  • Penetration Testing (Web, Network, Wireless)
  • Vulnerability assessment & exploit development
  • Malware analysis & reverse engineering
  • Red team simulation & adversary behavior analysis
  • CTF challenge creation & hosting

Defensive Security

  • Incident response & digital forensics
  • Threat hunting & OSINT investigations
  • SIEM automation & detection engineering
  • Advanced threat modeling & risk assessment
  • Zero Trust architecture design & implementation

Software & Systems

  • Secure development (Rust, Python, Bash, C)
  • Network protocol analysis (Wireshark, Scapy)
  • Memory-safe systems with Rust
  • Container & cloud security (Docker, Kubernetes, AWS, Azure, GCP)
  • Security automation with CI/CD (Actions, GitLab CI, Jenkins)

Skills Matrix

Offensive Security

Metasploit, Metasploitable 2, Burp Suite, Nmap, SQLMap, Hydra, Gobuster, more.

Defensive & Monitoring

Splunk, ELK Stack, Wireshark, Suricata, Zeek, Wazuh.

Forensics

Autopsy, Volatility, FTK Imager, Binwalk, Ghidra, IDA Free.

Programming

Rust, Python, Bash, C, PowerShell.

Cloud & Infrastructure

Docker, Kubernetes, AWS, Azure, GCP.

OSINT Tools

Maltego, theHarvester, SpiderFoot, Shodan, Recon-ng, FOCA, Google Dorks, OSINT Framework.

Selected Projects

AAPP‑MART — Autonomous Attack Path Prediction & Multi‑Agent Red Team Simulation Engine

AI‑driven offensive security engine that predicts attack paths and simulates adversarial behavior using autonomous red‑team agents. Built for continuous security testing, adversary emulation, and high‑fidelity attack graph analysis.

Focus: Adversary emulation, detection validation, attack path analysis
Tech: Python, MITRE ATT&CK, autonomous agents
Capabilities: Multi-agent simulation, attack graph generation, risk scoring

Achievements & Contributions

  • Research in network security; developed new vulnerability scenarios
  • Built new Rust modules for AAPP-MART
  • Published technical notes on malware reverse engineering & protocol analysis
  • Performed vulnerability assessments in lab and authored PoC exploits
  • Designed CTF challenges adopted by local security communities

Current Work

  • Rust-based security tooling for automation
  • Advanced malware analysis & reverse engineering
  • OSCP preparation & HackTheBox labs
  • New CTF challenges for red team simulations
  • Threat hunting automation & SIEM data analytics

Certification Goals

Planned Certifications

  • OSCP — Offensive Security Certified Professional
  • GSEC — GIAC Security Essentials
  • CISSP — Information Systems Security
  • CompTIA Security+ — Foundational knowledge

Academic Focus

  • Secure systems design, malware analysis, incident response
  • MITRE ATT&CK & NIST frameworks — lab applications
  • Continuous learning through CTFs & collaborative projects

Contact & Professional Links

Contact

E-mail: Coming soon
PGP Public Key: Coming soon

Code of Ethics & Legal Notice

  • All research, simulations, and tools are conducted in controlled environments for learning and defensive purposes.
  • Responsible disclosure is strictly followed for any vulnerabilities discovered.
  • Tools are not intended for illegal use; misuse is strictly prohibited.
  • The goal is to enhance detection, improve defenses, and advance security research.

Legal Disclaimer: I am not responsible for any misuse or illegal use of any content.

All materials are provided solely for educational and defensive security purposes, and users are fully responsible for their own actions.