Professional Certifications
Industry-recognized credentials demonstrating expertise across cybersecurity, AI, and technology domains
IBM Proprietary Certifications
IBM Generative AI Foundations
Foundational knowledge in generative AI technologies and applications within enterprise environments.
π View CredentialIBM WatsonX Essentials
Comprehensive understanding of IBM's WatsonX platform and AI/ML workflow management.
π View CredentialTrustworthy AI and AI Ethics
Specialized knowledge in ethical AI development, bias mitigation, and responsible AI practices.
π View CredentialSecurity and Privacy by Design Foundations
Framework expertise for integrating security and privacy considerations throughout development lifecycles.
π View CredentialIBM Garage Essentials
Methodology training for design thinking, agile development, and DevOps practices in enterprise environments.
π View CredentialIBM Growth Behaviors
Professional development certification focused on leadership, collaboration, and continuous learning.
π View CredentialMicrosoft Gen AI, IBM Copilot Mega Event
Cross-platform training on generative AI integration and Microsoft-IBM collaborative technologies.
π View CredentialIndustry Certifications
Hunting Zero-Days in Embedded Devices
November 2024 β’ Advanced vulnerability research methodology for embedded systems and IoT devices.
π View DetailsAttacking Instant Messaging Applications
April 2024 β’ Specialized training on messaging protocol exploitation and security assessment.
π View DetailsWindows Instrumentation with Frida
February 2024 β’ Dynamic instrumentation and runtime manipulation techniques for Windows environments.
π View CredentialAdversarial ML Training
January 2024 β’ Machine learning security, adversarial attacks, and model protection strategies.
π View DetailsAdversary Simulation and Red Team Tactics
February 2021 β’ Advanced red team methodologies and adversary emulation frameworks.
π View DetailsWindows Internals
January 2018 β’ Deep-dive training with Alex Ionescu on Windows kernel architecture and internals.
π View DetailsOffensive Security Exploitation Expert (OSEE)
January 2017 β’ Elite-level Windows exploitation certification covering advanced vulnerability classes.
π View CertificationCREST Certified Infrastructure Tester (CCT INF)
May 2016 β’ Professional infrastructure penetration testing certification.
π View CertificationCREST Registered Penetration Tester (CRT)
April 2015 β’ Foundation-level penetration testing certification with practical assessment.
π View CertificationWeb Application Hacker's Handbook Live
January 2014 β’ Hands-on web application security assessment and exploitation training.
π View DetailsOffensive Security Certified Expert (OSCE)
January 2012 β’ Advanced Windows exploitation certification with custom exploit development.
π View CertificationCorelan Win32 Exploit Development Bootcamp
September 2011 β’ Intensive Windows exploit development training with the Corelan team.
π View DetailsOffensive Security Certified Professional (OSCP)
May 2011 β’ Flagship hands-on penetration testing certification with practical exam.
π View CertificationOffensive Security Wireless Professional (OSWP)
February 2011 β’ Specialized wireless network security assessment and exploitation certification.
π View CertificationPublic Speaking Engagements
Keynotes, presentations, and panels at premier cybersecurity conferences worldwide
OffensiveX: Type-2, Attacking AI-Enabled IDE's for Post-Exploitation
June 2025Presented advanced post-exploitation techniques for Electron applications, with a focus on AI-enabled IDEs (e.g., Cursor, Windsurf). Demonstrated persistence via custom plugins, extraction of sensitive data, and interaction with LLM providers for command execution, secret harvesting, and chat interception.
H2HC: The Kernel Hacker's Guide to the Galaxy: Automating Exploit Engineering Workflows
December 2024Presented Automated Exploit Engineering (AEG) for Windows kernel exploitation, showing how automation reduces Root Cause Analysis (RCA) cycle time and accelerates exploit development.
TIBER Closed-Door Meeting
November 2024Briefed regulators, financial institutions, and law enforcement on evolving threats and lessons from TIBER assessments across EU critical industries.
IBM Lunch & Learn: Secure Coding Refuelled
October 2024Led an internal software-engineering session distilling three CVEs into actionable secure-coding practices and cross-BU takeaways.
IBM Podcast: Mixture Of Experts
October 2024Guest expert discussing near-term AI developments and their security implications for enterprise environments.
TIBER Closed-Door Meeting
June 2024Panelist on Red Teaming methodology and TIBER/ART implementation, advising European regulators and major financial institutions.
SANS OffByOne Podcast
May 2024Shared guidance on offensive research careers and demonstrated dynamic reverse-engineering techniques on Windows and Android.
SAFACon: Laundering C2 Traffic though High-Reputation Services
April 2024Presented data-exfiltration channels for Red Team implants, including bypass techniques for highly restrictive environments.
IBM Cyber Range Opening
March 2024Participated in launch activities and a panel on Generative AI's impact on cybersecurity for public- and private-sector leaders.
SANS HackFest: Abusing the Microsoft Identity Platform
November 2023Showcased post-exploitation techniques against Entra ID/hybrid environments, including token decryption and user impersonation paths (Outlook, SharePoint, Teams).
BlackHat USA: Close Encounters of the Advanced Persistent Kind, Leveraging Rootkits for Post-Exploitation
August 2023Presented Windows rootkit research developed at IBM, including capability demonstrations and 0-day privilege escalation.
WWHF: Statikk Shiv: Leveraging Electron Applications For Post-Exploitation
May 2022Detailed techniques for harvesting auth tokens from corporate Electron apps to enable domain resource impersonation.
IBM RedCON: Throwing an AquaWrench into the Kernel
August 2020Introduced the team's Windows kernel rootkit (early iteration later expanded for Black Hat 2023).
Microsoft BlueHat: Staying # and Bringing Covert Injection Tradecraft to .NET
February 2020Demonstrated advanced .NET injection tradecraft to evade modern endpoint detection stacks.
BlackHat USA: SilkETW, Collecting Actionable ETW Data
August 2019Released and demonstrated SilkETW for real-time ETW telemetry collection with YARA support; later open-sourced for the community.
ConCon: Blue Shell Of Death
January 2015Presented a fileless PowerShell implant with modular loading designed for stealthy post-exploitation.
Training Courses Delivered
Comprehensive technical training programs delivered at leading cybersecurity conferences
Windows Instrumentation with Frida
Multi-day course on Windows binary instrumentation and function hooking, with hands-on labs for detection, research, and offensive capability development.
Windows Post-Exploitation, Subverting the Core
Comprehensive on-host attack-lifecycle training (sandbox escapes, privilege escalation, UAC bypass, persistence) with practical, scenario-driven exercises.
UAC 0day, all day
Four-hour workshop on UAC design flaws and bypasses (elevated copy, WinSxS/COM/DLL hijacks, environment abuse, split-token techniques).
Windows Breakout & Privilege Escalation
Workshop update covering breakout techniques for Terminal Services/Citrix and bypasses for SRP, AppLocker, and Group Policy controls.
Windows Privilege Escalation Workshop
End-to-end privilege escalation methodology; target enumeration, misconfiguration discovery, patch/installer analysis, and file/folder permission abuse with real-world labs.
Advanced Windows Exploitation
Assisted delivery of the flagship exploitation course (AWE/OSEE) focused on complex Windows vulnerability classes and mitigations.
Non-Buffer Overflow Exploitation Workshop
Full-day workshop on exploit primitives beyond stack overflows: format strings, integer overflows, use-after-free, and defeating ASLR/DEP.