Welcome to my GitHub profile.
Red Team Consultant | Penetration Tester | Security Researcher
"I help organizations understand their security posture by attacking it."
I'm an offensive security professional with 3 years of hands-on experience conducting red team operations, penetration testing, and adversarial emulation across enterprise, government, and industrial control environments. Graduated with MS in Cybersecurity from Northeastern University.
Previously: Security Consultant at Ernst & Young, Cybersecurity Consultant for Government of India (commended by PM's Office 2021), and Cybersecurity Consultant Co-op at Factory Mutual.
|ββ Offensive Security
β βββ Red Team Operations & Adversarial Emulation (MITRE ATT&CK)
β βββ Active Directory Exploitation (Kerberoasting, ADCS, ACL abuse)
β βββ Web Application Penetration Testing (SQLi, XSS, RCE)
β βββ C2 Operations (Cobalt Strike, Sliver, custom frameworks)
β βββ Post-Exploitation (Lateral Movement, Privilege Escalation, Persistence)
β
βββ Security Research & Development
β βββ Custom C2 Framework Development (ARM64/Linux)
β βββ Exploit Development (Buffer overflows)
β βββ Malware Analysis & Reverse Engineering
β βββ ICS/OT Security Assessment
β
βββ Education & Content Creation
βββ CTF Challenge Design & Infrastructure
βββ Technical Blog Writing
βββ Security Lab Design Automation (Docker, Bash, Python, Virtual Machines)
Languages & Frameworks
C/C++ β’ Python β’ ARM64/Aarch64 Assembly β’ x86/x64 Assembly β’ Go β’ PowerShell β’ Bash β’ C#
Offensive Security Tools
Cobalt Strike β’ Metasploit β’ Sliver C2 β’ BloodHound β’ Mimikatz β’ Impacket β’ CrackMapExec
NetExec β’ Burp Suite β’ SQLMap β’ Nmap β’ Responder β’ Empire β’ Covenant β’ Havoc C2
Specializations
Active Directory Security β’ Web Application Security β’ Binary Exploitation
ICS/OT Security β’ Wireless Security (WPA2, EAP) β’ Cloud Security (AWS/GCP)
Container Security (Docker, Kubernetes) β’ SIEM Operations (Splunk)
- Check out some write-ups here.
- My medium blog: https://a-learner.medium.com/
- Significance of Cloud Security Policies and Practices in Corporations and Organizations - IJET 11(5): 320-329 (2020)
- Assessing PiKVM as a Threat in Modern Organizations - Analyzed weaponization of Raspberry Pi-based KVMs by APT groups, developed 5+ detection/remediation guidelines. More on my LinkedIn profile.
Offensive Security Certifications
- π΄ OSCP - Offensive Security Certified Professional
- π΄ CRTO - Certified Red Team Operator (Zero-Point Security)
- π΄ CRTP - Certified Red Team Professional (Altered Security)
- π΅ CEH - Certified Ethical Hacker
- π΅ ECSA - EC-Council Certified Security Analyst
- π’ PT1 - TryHackMe Junior Penetration Tester
Recognition
- π PM's Office Commendation (July 2021) - For offensive security and adversary emulation excellence.
- π₯ 3rd Place - Malware Analysis CTF, Northeastern University (Spring 2025)
I'm always interested in discussing offensive security, red team operations, exploit development, and security research.
- πΌ LinkedIn: linkedin.com/in/pratikdas-cy
- π Medium: a-learner.medium.com
- π§ Email: pratikdasofficial@outlook.com