Learning Timeline
A living record of the journey. Not to show off, but to remember where each stone was placed. Every certification, experiment, and article represents a decision to go deeper rather than wider.
This timeline is primarily a personal historical record of my learning path and the road taken. Each point represents a particularly formative or meaningful moment in my progression.
The list is intentionally non-exhaustive. Rather than cataloguing every completed HackTheBox machine or Academy module, only the most significant milestones are documented here. The goal is signal over noise and to be able to clearly log each key topic from this learning journey.
Finally, no points related to professional experience are listed here, for confidentiality reasons. Findings, vulnerability discoveries, and security assessments conducted in professional contexts remain undocumented on this page by design.
Early Bird APC, TLS Callbacks, Reflective DLL Injection, Process Hollowing and others from both an offensive and defensive perspective.
Enterprise network penetration testing simulation featuring 15 interconnected Windows and Linux machines across multiple network segments. Executed complex pivot chains through segmented infrastructure, systematic enumeration across diverse systems, privilege escalation leveraging platform-specific techniques, and comprehensive Active Directory compromise. Completed using Sliver C2 framework to develop proficiency with modern command and control operations and to practice maintaining access and managing sessions across extended multi-system engagements.
From ELF dynamic section internals to shellcode injection via .init_array.
First practical red team certification. AD multi-domain, Cobalt Strike C2, OPSEC fundamentals.
Deep technical reference on EDR internals and evasion techniques (API hooking, kernel callbacks, ETW telemetry, detection bypasses, ...). Directly supporting my CRTL preparation and EDR evasion learning.
In progress · ~50%
Comprehensive guide to structuring, planning and executing red team operations at an organizational level. Shaped my understanding of how adversary emulation programs are built and operationalized beyond individual engagements.
Comprehensive penetration testing path covering enumeration, exploitation, lateral movement, Active Directory attacks, and professional reporting. Paused to focus on red teaming specialization via CRTO.
On hold · 47%
Medium Windows machine in an assumed breach scenario. First hands-on implementation of targeted Kerberoasting, WriteSPN abuse, and DPAPI credential decryption. Introduced credential extraction from NTDS.dit and lateral movement techniques that I later studied in depth during CRTO preparation.
Comprehensive web application security training covering SQLi, XSS, SSRF, authentication vulnerabilities, access control, CSRF, and advanced exploitation techniques. Hands-on labs on real-world vulnerability scenarios.
In progress · ~67%
Applied cryptography from first principles. Explains not just how algorithms work, but why they are designed the way they are and how they fail. Filled my thirst for knowledge regarding cryptology.
Foundational reference for Linux and Unix system internals. Taught me a lot about UNIX internals back in my SRE era and has remained on my desk ever since.