
0xNullByte

Penetration Tester & Security Researcher

Offensive security specialist focused on breaking things before the bad guys do. Specializing in red team operations, vulnerability research, and hardening critical infrastructure.

127+ CVEs Found
8 Years Active
43 Bug Bounties

01 About

$ whoami
0xNullByte
 
$ cat /etc/profile
Location: Remote / Worldwide
Role: Senior Penetration Tester
Focus: Offensive Security
Status: Available for contracts
 
$ ls ./certifications/
OSCP  CEH  CISSP  eJPT  CRTO
 

I'm a cybersecurity specialist with 8+ years of hands-on experience in offensive security operations, vulnerability assessment, and security research. I help organizations identify and remediate critical weaknesses before adversaries can exploit them.

My work spans red team engagements, web application pentesting, network infrastructure assessments, and social engineering simulations. I've disclosed vulnerabilities to major tech companies and contributed to open-source security tooling.

When I'm not breaking things professionally, I compete in CTF competitions, research exploit development techniques, and write about the latest security findings on my blog.

OSCP CEH CISSP eJPT CRTO HTB PRO HACKER

02 Skills & Expertise

[01]
Penetration Testing
Full-scope network & app pentests, OWASP methodology, PTES framework
Metasploit, Burp Suite, Nmap
[02]
Red Team Ops
Adversary simulation, C2 infrastructure, lateral movement, persistence
Cobalt Strike, Sliver, BloodHound
[03]
Exploit Dev
Buffer overflows, ROP chains, shellcode crafting, kernel exploitation
GDB/PEDA, pwntools, IDA Pro
[04]
Web Security
SQLi, XSS, SSRF, IDOR, OAuth flaws, API security testing
Burp Suite Pro, OWASP ZAP, ffuf
[05]
Malware Analysis
Static/dynamic analysis, sandbox evasion, reverse engineering
Ghidra, x64dbg, YARA
[06]
Cloud Security
AWS/Azure/GCP misconfigurations, IAM privilege escalation, S3 exposure
Pacu, ScoutSuite, Prowler

03 Portfolio & Projects

/01
PhantomC2
A lightweight, modular command-and-control framework built for red team engagements. Features encrypted communications, malleable profiles, and OPSEC-safe implants designed to evade modern EDR solutions.
C2 Framework, Go / Python, Red Team
Live
/02
CVE-2024-XXXX Research
Discovered and responsibly disclosed a critical RCE vulnerability in a widely-used open-source SIEM platform. Wrote a full technical write-up including PoC exploit code and mitigation guidance.
CVE, RCE, Vulnerability Research
Published
/03
AutoRecon++
Extended version of the popular AutoRecon tool with custom modules for cloud asset enumeration, API endpoint discovery, and automated vulnerability correlation reporting.
Open Source, Python, Recon
Live
/04
CloudHunter
Automated cloud misconfiguration scanner targeting AWS, Azure, and GCP environments. Identifies over 200 common misconfigurations including exposed storage buckets and overly permissive IAM policies.
Cloud Security, Python / Terraform, AWS / Azure
In Progress

04 Blog

Bypassing Modern EDR with Custom Shellcode Loaders
A deep-dive into how endpoint detection and response tools analyze process behavior, and how red teamers can craft loaders that fly under the radar using indirect syscalls and sleep obfuscation.
OAuth 2.0 Misconfigurations That Lead to Account Takeover
Exploring five real-world OAuth implementation flaws I've encountered during bug bounty hunting, including redirect URI bypass and PKCE downgrade attacks — all with working PoC examples.
AWS IAM Privilege Escalation: A Complete Playbook
Comprehensive walkthrough of 20+ AWS IAM privilege escalation techniques, from PassRole abuse to Lambda execution policy misconfigurations. Includes detection and hardening guidance for defenders.

05 Contact

PGP Key: 0xDEADBEEF1234CAFE
Email: nullbyte@protonmail.com
GitHub: github.com/0xNullByte
Matrix / Signal: On request only
// NOTE
All sensitive communication should be encrypted with PGP. Response time is typically 24–48 hours.