ar0x_
Red Team Operator // Incident Responder // Security Researcher
ar0x
Red Team Operator & Security Researcher
Breaking into things by day and wondering why the SOC hasn’t called yet by night. Somewhere between DFIR and Red Teaming, fluent in “how did they get in?” and “watch me get in.” Mostly focused on Active Directory and Windows internals, plus the fun part of red teaming where C2 traffic, tradecraft, and tooling actually have to survive reality. It’s not a vulnerability. It’s an undocumented feature. 🔓
OPERATOR CONSOLE
▶Active Beacon
BEACON ID
0x4444
HOSTNAME
enigma
USER
ar0x
STATUS
active
0x4444
Areas of Focus
Red Teaming
Adversary Emulation, Custom Tooling, OPSEC
AD & Entra Security
Offense & Defense, Attack Path Analysis, Hardening
Threat Hunting & DFIR
IR, Forensics, Detection Engineering, SOC Operations
Windows Internals
Reversing, Auth Protocols, COM/DCOM, Credential Subsystems
Talks & Presentations
- →Cooking ...