Hi, my alias is

Durok.

I like to think laterally.

Fueled by curiosity, compiled with passion, and executed with precision.

About Me

Cyber Security guy with a thing for researching threats, breaking things ethically, and automating whatever feels repetitive. I get completely absorbed when something sparks my curiosity and I enjoy going deep until I figure it out. In my spare time I tinker with code, stay loyal to Bitcoin, and love working with sharp minds in collaborative environments.

if (vibes == "good" && hacks == "clean") then passion ❤️


I like operating across domains, connecting the dots between attack, defense, and automation:
  • Red/Blue Team Activities
  • DFIR (Digital Forensics and Incident Response)
  • CTI (Cyber Threat Intelligence)
  • Research and Development
  • DevSecOps (Development, Security, and Operations)
  • Scripting, Automation, and Tooling

Experience

Cyber Security Specialist - Undisclosed
Aug 2018 - present

Actively involved in both offensive and defensive activities, with participation in international events. Work includes advanced threat simulation, incident response, and the research and development of new tools and techniques to support cyber activities and resilience.

Key responsibilities:

  • Participation in multinational events
  • Offensive activities: vulnerability research, exploitation, C2 setup, and adversary emulation
  • Defensive activities: log analysis, detection engineering, SIEM/EDR tuning, and response
  • System hardening and secure architecture deployment in realistic operational scenarios
  • Research & development of custom scripts, tools, and procedures for attack/defense workflows
  • Contribution to threat intelligence production and use-case development
  • Documentation of findings, technical reports, and lessons learned

IT / Telecommunications Specialist - Undisclosed
Sep 2009 - Jul 2018

Managed and maintained mission-critical communication infrastructures, including terrestrial and satellite systems. Delivered end-to-end IT support, from network deployment to domain and system administration, ensuring stable and secure operations.

Key responsibilities:

  • Configuration, installation, and alignment of radio and satellite communication links
  • Setup and maintenance of LAN/WAN infrastructures and telephony systems
  • Installation and administration of Windows-based IT systems and services (AD, DNS, DHCP)
  • Troubleshooting and maintaining network connectivity in remote or constrained environments
  • Management of domain controllers and authentication services
  • Integration of communication systems with existing IT infrastructure
  • Documentation of configurations and procedures for operational continuity

Education

2023 - Present
Bachelor of Science in Computer Engineering
Universitas Mercatorum

Projects

Ransom Radar
CTI Telegram Bot Ransomware
Real-time ransomware monitoring and alerting. Ransom Radar tracks public ransomware activity across multiple threat intelligence feeds, including RansomLook, RansomFeed, and Ransomware.live. It automatically detects new posts, leaks, and extortion attempts, sending timely alerts directly to a Telegram channel or group.
ProcHunt
DFIR Processes Analysis C++
ProcHunt is a Windows process scanner written in C++ that enumerates PIDs, parses PEB→RTL_USER_PROCESS_PARAMETERS, verifies code signing, and scores suspicious behavior (path/CWD anomalies, LOLBins, masquerading, obfuscation).
OpenRelik AmCache-EvilHunter worker
OpenRelik DFIR Python
This OpenRelik worker integrates AmCache-EvilHunter by Cristian Souza (GitHub: cristianzsh) to parse Windows Amcache.hve, extract execution artifacts (Program/File entries, SHA-1, timestamps), flag suspicious binaries, and optionally enrich via VirusTotal/Kaspersky OpenTIP. Outputs JSON/CSV plus a TXT log.
Filefix Hunter
DFIR Filefix Rust
Filefix-Hunter is a forensic tool written in Rust for incident response. It enumerates TypedPaths entries in the Windows registry to detect possible LOLBin or FileFix exploitation traces. This project was created to experiment and play with Rust, exploring its capabilities for building efficient and reliable forensic tools.
OCRacle
DLP OCR Python
OCRacle is a portable Python tool that recursively scans directories, extracts text from PDFs and images (using native parsing and OCR), and searches for sensitive keywords or regex patterns. It can export results to JSON and CSV, and is designed to work even in offline/air-gapped environments.
Bitcoin Power Law
Bitcoin Data Analysis Power Law
A web app that calculates and displays the Bitcoin Power Law in real-time. The app fetches the latest Bitcoin data and plots it on a graph, updating the graph as new data comes in. The blog section provides detailed articles and analysis on Bitcoin trends and the Power Law Theory. Contact me to get credentials ;).

Achievements

Get in Touch

My inbox is always open. Whether you have a question or just want to say hi, I’ll try my best to get back to you!