All posts
Writing about offensive security, tooling, automation, career, and whatever else is on my mind.
There Are Many More Pentesters Than Jobs
The number was always big enough to be its own argument. Three and a half million. That was the figure — three and a half million unfilled cybersecurity jobs…
Offensive Security Weekly: February 20, 2026
Three stories, examined with appropriate skepticism. 1. PromptSpy: First AI-Powered Android Malware — Or Just a Lab Curiosity? ESET published research on…
Abusing MSBuild for Defense Evasion: A Detection Engineering Playbook
MSBuild is a trusted Microsoft binary that ships with every Windows installation — and it's a favorite tool for adversaries looking to execute arbitrary code…
Building a Custom C2 Channel Over DNS: Lessons from the Lab
Off-the-shelf C2 frameworks are powerful, but they come with known signatures. When you need to blend into normal network traffic, building your own channel is…
Using LLMs to Accelerate Recon: What Works, What Doesn't
I integrated GPT-4 into our red team reconnaissance and vulnerability triage workflow and cut manual effort by roughly 30%. Here's exactly how I did it, what…
Running 15 Purple Team Tests a Month: My Framework
Purple teaming at scale requires structure. When you're running roughly 15 tests per month across a large enterprise, you can't afford to wing it — but you also…
From PwC Auditor to Red Team Operator: A Non-Linear Career Path
People ask me all the time how I went from auditing pension funds at PwC to breaking into enterprise networks for a living. The honest answer is: slowly, and…
Smart Contract Auditing for Red Teamers: Where to Start
The overlap between offensive security and smart contract auditing is bigger than you think. If you can find vulnerabilities in web applications and APIs, you…
The OSCP Course Won't Fully Prepare You — Here's What Will
By Derek Martin | March 2025. I recently passed the OSCP exam — root and Administrator on every target. But it took me five attempts to get there. I want to lead…