UnixSingh

My expertise lies in conducting targeted penetration tests across various environments, including web applications, APIs, network infrastructure and more.

Title

Hi there 👋

I'm UnixSingh, a Security Researcher and aspiring Cybersecurity Specialist. I focus on realistic, goal-driven penetration tests across web applications, APIs, infrastructure, Active Directory environments and more.

I combine automation with manual tradecraft to find complex issues, validate real risk, and help teams harden their environments instead of chasing noise.

Present Status 🧭

🎯
Offensive Security
Deeper tradecraft, adversary simulation
✍️
Writing
Blogs, labs & test methodlogies
📱
Learning Kubernetes (K8s)
Cloud-native & container attack paths

Typing SVG

🔍 Focus: Realistic red-team style assessments 🌐 Web & API | 🖥 AD | ☁ Cloud 📚 Strong methodology, clear reporting

Projects 🚀

Web Application Home Lab API Home Lab Active Directory Home Lab GOAD on VMware

Security Standards & Frameworks 🛡️

Engagements are mapped to well-known industry standards so findings connect directly to risk and controls.

OWASP Testing Guide (OTG) MITRE ATT&CK CWE SANS Top 25 CIS Benchmarks

Skills 🧠

Coverage from external surface to internal lateral movement, plus cloud and mobile.

Web Apps & APIs Infrastructure Gen AI App Testing Thick Client Apps System Build Reviews Mobile App Testing System Breakout Testing Cloud Config Reviews Email Phishing Testing GitHub Wireless

Knowledge ⚙️

Tools change. Understanding attacker behaviour does not. I focus on: Enumeration depth over speed, Chaining weaknesses into real compromise paths and Clear reporting that developers and defenders can act on.

Show full offensive tooling stack (Burp, AD tools, cloud, mobile, privesc & more)
Burp Suite Metasploit Wireshark Bash Python Linux Git Debian Docker Kali Linux theHarvester Recon-ng Shodan Censys SpiderFoot Amass Sublist3r crt.sh Nmap masscan RustScan Netdiscover arp-scan Nessus Qualys Nuclei OWASP ZAP sqlmap Wappalyzer Nikto WFuzz ffuf DirBuster Dirsearch ParamSpider Arjun Exploit-DB searchsploit Hashcat John the Ripper Hydra Medusa CrackMapExec Responder Mimikatz Impacket BloodHound SharpHound PowerView PowerSploit Rubeus Kerberoast GetUserSPNs ADExplorer ADRecon SecretsDump Sliver Evilginx2 Linux Exploit Suggester LinPEAS WinPEAS GTFOBins tcpdump Gophish MobSF Frida APKTool Objection Pacu CloudSploit ScoutSuite Kube-bench Kube-hunter Radare2 SMBexec ntlmrelayx Tenable Qualys Ghidra

Certifications 🎓

OSCP PNPT CASA
Never give up. Never back down.

🌱 Constantly learning. Constantly breaking. Constantly improving.

Buy Me A Coffee