# Intro - whoami
[](https://z3r0.gitbook.io/roadman-and-prep-for-oscp)
## Whoami
**Prince aka Z3R0**
**Offensive Security Researcher | Penetration Tester | Red Teamer**
> *"With curiosity, any system can be owned and with dedication any hack can be stopped."*
***
### π¨βπ» About Me
Iβm an offensive security enthusiast focused on **real-world exploitation, creative attack paths, and deep technical research**.
I donβt just run tools β I break systems apart to understand *why* they fail. My approach blends structured methodology with curiosity-driven exploration, allowing me to uncover vulnerabilities others might overlook.
Currently on a focused journey toward **OSCP-level mastery**, documenting everything along the way β from enumeration to full domain compromise.
This is not just a certification path.\
Itβs a mission to continuously evolve.
***
### π Core Skills & Technical Arsenal
#### π Offensive Security & Penetration Testing
* End-to-end security assessments across web applications, internal networks, and standalone systems
* Black-box, white-box, and gray-box testing methodologies
* Vulnerability identification, exploitation, and impact validation
* Structured reporting with risk-based analysis and remediation guidance
#### π Application & Web Security
* Identification and exploitation of common and advanced web vulnerabilities
* Authentication, authorization, and business logic testing
* API security assessment
* Secure code review fundamentals and misconfiguration analysis
#### π₯ System Exploitation & Vulnerability Research
* Software vulnerability analysis and exploit development
* Binary analysis and debugging
* Mitigation bypass techniques
* Manual exploitation beyond automated tooling
#### π§ Reverse Engineering & Analysis
* Static and dynamic binary analysis
* Code deconstruction and behavioral analysis
* Obfuscation analysis and logic reconstruction
#### π΄ Privilege Escalation & Post-Exploitation
* Windows and Linux privilege escalation techniques
* Credential access and lateral movement strategies
* Persistence mechanisms and environment pivoting
* Post-exploitation enumeration and impact assessment
#### π’ Active Directory & Enterprise Attacks
* Domain enumeration and attack path analysis
* Credential abuse and trust relationship exploitation
* Lateral movement within enterprise environments
* Red teamβstyle domain compromise simulations
#### π Offensive Operations & Red Team Methodology
* Attack chain development and adversary simulation
* Operational security awareness
* Payload customization and controlled execution
* Infrastructure-based testing and lab design
***
### π Certifications
**Offensive Security Certified Professional - Plus (OSCP+)**
Issuer: Offensive Security
***
\
**Offensive Security Certified Professional (OSCP)**
Issuer: Offensive Security
***
\
**C|EH - Certified Ethical Hacker (Master)**
Issuer: EC-Council
***
\
**C|CT - Certified Cybersecurity Technician**
Issuer: EC-Council
***
\
**CompTIA Security+**
Issuer: CompTIA
***
\
**Google Cybersecurity Certificate**
Issuer: Google (via Coursera)
***
\
**RHCSA - Redhat Certified System Administrator**
Issuer: Redhat Enterprise
***
### π Featured Projects
#### πΎ MalwareAcademy - Malware Documentations
**Date:** Jan 2026 - Present
**Description:**\
Security research project focused on Linux kernel internals and advanced kernel module development. Explored syscall hooking, stealth techniques, privilege escalation, and modern mitigation bypasses (SMEP/SMAP/KASLR). Developed 40+ proof-of-concept implementations across multiple domains in isolated lab environments for defensive research and detection strategy development.
#### ποΈ ZeroEye - Threat Monitoring Tool
**Date:** Jan 2026 - Present
**Description:**\
Automated threat monitoring tool that tracks Pastebin and GitHub Gists in near real-time to detect phishing, malware, credential leaks, and scams. Implements intelligent keyword detection, IOC extraction, duplicate filtering, and structured logging. Designed to provide early warning intelligence for blue team and threat research operations.
#### ποΈ Hall of Threats - Documentations
**Date:** Nov 2025 - Present
**Description:**\
Ongoing threat intelligence documentation project analyzing real-world threat actors and their TTPs. Includes attack chain reconstruction, behavioral analysis, and IoC documentation derived from OSINT and active threat hunting. Focused on translating observed attack patterns into actionable defensive insights.
#### π 0Password - Secure Offline Password Manager
**Date:** Jul 2025 - Jul 2025
**Description:**\
Privacy-focused offline password manager built in Python with zero cloud dependencies. Implemented Argon2/PBKDF2 key derivation and encrypted SQLite storage using Fernet (AES + HMAC). Designed for complete local data sovereignty with secure credential handling and portable distribution.
#### βοΈβπ₯ Penetration Test and CTF - ENPM685 Grade Server
**Date:** May 2025 - May 2025
**Description:**\
Conducted a full-scope penetration test on a vulnerable βgrade serverβ as part of a graduate security course. Performed reconnaissance-to-exploitation workflow to capture four hidden flags simulating real-world attack scenarios. Delivered a professional penetration test report and achieved a perfect score.
#### π₯οΈ Cybersecurity Incident Response Tabletop Exercise - Terrapin, Inc.
**Date:** May 2025 - May 2025
**Description:**\
Participated in a structured incident response simulation involving a multi-domain Active Directory environment. Assumed IT leadership roles to assess risk, coordinate response actions, and adapt to evolving attack scenarios. Produced a comprehensive post-incident report outlining decisions and lessons learned.
#### π₯ Demonstration and Analysis of Malware Attacks and Cyber Threat Vectors
**Date:** Jun 2024 - Jun 2024
**Description:**\
Undergraduate capstone project demonstrating phishing, reverse shell, and ransomware attack simulations in controlled lab environments. Analyzed threat actors and common attack vectors while showcasing practical exploitation techniques. Focused on awareness, detection, and defensive strategy reinforcement.
***
### π§ Final Word
Security is not a destination β itβs a continuous pursuit of understanding how systems break and how they can be strengthened.
My goal is not just to earn certifications, but to develop the depth required to operate at a professional offensive security level β where creativity, precision, and discipline intersect.
Every lab, every exploit, and every writeup is a step toward mastery.
The journey continues.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://z3r0.gitbook.io/z3r0/readme.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.