about me

i had a successful career for over 10 years as a java developer, ending up as a principal within a large multinational company, leading teams and working on scalable, performance sensitive, high availability distributed systems, dealing with financial transactions. but in the end i ran out of passion for it… so i quit

i took a short break and then started a completely new career in computer security!

looking back on my life so far, it’s surprising that i didn’t arrive at this decision earlier:

  • i started programming when i was 8, looking at games and trying to figure out how they work
  • as a kid i was into ciphers (i invented an alphabet to write my diary in – it looked like elvish and none of my friends had a clue what it said, and it also had some obfuscation tricks which weren’t bad for a 10 year old)
  • as a kid i was into lock picking
  • as a kid i wanted to be a spy (invisible ink and all that stuff)
  • as a kid i fiddled around with the public telephone system :-p
  • as a kid i reverse engineered and defeated copy protection on some games, in assembler
  • spy/espionage fiction and non fiction was my favorite reading material for decades
  • my software engineering degree final year dissertation/project was on steganography
  • one of my favorite temp jobs i took when travelling in australia was to be a ‘mystery customer’, calling up and visiting stores, pretending to be a client and rating sales assistants (covert/spy-ish)
  • the security/privacy sections of tech news always excited me the most
  • i won a CTF at my company a couple of years ago, which first made me think ‘i want to have this much fun for a living’
  • last year, for fun i reverse engineered a popular android hacking game, defeated its protections, exploited its weaknesses and secured a top position on the global leaderboard
  • professionally i’ve had a reputation as somebody who is good at spotting subtle bugs in other people’s code (race conditions, logic holes, etc)

immediately after completing the OSCP while on my career break, i managed to get a job at a pentesting company!  thanks offsec! 😀  shortly afterwards i became involved in cyber range development, cyber exercises (red team), network and device pentesting, and so on. amazing fun! i also got my OSCE, and am proceeding to get more qualifications quickly. of course qualifications aren’t in themselves worth much, but they certainly help to accelerate learning in a directed and pressured way, which is just what i need

my target for year one in this career is to get initial or increased coverage/exposure in the following:

– network, internal, router, iot, wireless, mobile and webapp pentesting
– custom malware development and deployment
– social engineering
– physical security
– fuzzing and exploit dev
– reverse engineering

all this is geared towards being all-round capable in one specific thing i’m extremely passionate about: full scope black box red teaming! although my specialty will be client-side APT emulation, i should be able to do anything that is necessary to achieve the objective. and it’s all such great fun to learn! 🙂

please feel free to get in touch (atropineal<SHIFT-2>gmail.com)

One thought on “about me

Leave a Reply

Your email address will not be published. Required fields are marked *