Zyad Elsayed Abdelbary
Offensive Security Enthusiast | Pentester | Red Team Mindset
“In the code’s silence, I find the flaws. In the system’s chaos, I build control.”
Security practitioner focused on breaking, building, and hardening systems - from web apps to enterprise Active Directory. Currently focused on red teaming, adversary simulation, and C2 & malware research (research and testing performed only in authorized, legal environments).
When not dissecting exploits, you’ll find me:
- 🎮 playing tactical shooters like Rainbow Six Siege and Valorant
- 🏎️ watching Formula 1
- ☕ caffeinating my way through PowerShell and Python scripts
| Domain | Expertise |
|---|---|
| Offensive Security | AD Exploitation, Lateral Movement, Privilege Escalation |
| Web Application Security | OWASP Top 10, API Security, Source Review |
| Infrastructure | Network Recon, Threat Simulation, Detection Evasion |
| Tooling & Scripting | PowerShell, Bash, Python |
| Automation & IaC | Docker, CI/CD Security, Environment Hardening |
Toolbox:
PowerShell • Burp Suite • BloodHound • Metasploit • Impacket • Responder • Certipy
- 🛠️ SecureShell-Pro - Remote browser terminal (Chrome extension + server) with TLS/WSS, session logging, and admin controls. Notes: add a demo GIF, architecture diagram, and a short secure-deployment guide.
- 🧪 OSEP - Notes & Payloads - Curated study material for post-exploitation and evasion. Notes: add an index, mapping to OSEP objectives, and a clear disclaimer about responsible use.
- 🧩 Get-SecurityInfo - PowerShell recon toolkit for host & domain snapshots (AD, ACLs, system config). Notes: include example output, safe-run flags, and CI-friendly usage.
- vtotalenum - VirusTotal-driven subdomain enumerator for automated triage. Notes: add usage examples, rate-limit guidance, and API key handling best practices.
- CVE-2023-42793 - TeamCity RCE PoC demonstrating exploit validation and mitigations. Notes: label as research, provide mitigation steps, and responsible-disclosure timeline.
Focused on offensive tooling, AD misconfig abuse, and automated recon frameworks.
- Hack The Box - Elite Hacker Tier (Top 1.5%)
- Completed multiple pro labs (Dante, Zephyr, Offshore)
- 👨‍🏫 Led security circle trainings & red team workshops
- 🧩 Built custom CTF challenges (Web, Network, AD)
🎮 Tactical gamer at heart:
Rainbow Six Siege | Valorant | Battlefield
🏎️ F1 addict:
Strategy, speed, and precision = life principles
☕ Coffee + Code + Chaos = Perfect Day
All tools, PoCs, and write-ups in this repo are intended for educational use and authorized penetration testing only. Do not use them against systems you do not own or have explicit permission to test. If you discover a vulnerability, follow responsible disclosure practices.
- Portfolio/Blog: b4l3ri0n.github.io
- 🐦 X/Twitter: @B4l3rI0n
- 💼 LinkedIn: Zyad Elsayed Abdelbary
“Stay stealthy. Stay curious. Hack. Learn. Repeat.”
© 2025 B4l3rI0n. Built with ❤️ and caffeine.
