kali@0xAkatsuki: ~
┌──(kali㉿0xAkatsuki)-[~]
└─$ whoami
Offensive Security & Red Team Operator

└─$ cat about.txt
Offensive Security & Red Team Operator.
Offensive Security & Red Team Operator.
Active Directory, Malware Dev (Nim/Python) va
Specializing in Active Directory, Malware Dev
Web, Network Pentesting da ixtisoslashganman.
(Nim/Python) & Web, Network Pentesting.
Bug bounty & freelance pentest.
Bug bounty & freelance pentest.

└─$ ls ./certs/
PJPJ CRTP OSCP [coming soon]

└─$ cat status.txt
[+] Rol: Independent Security Researcher
[+] Bug bounty hunting: AKTIV
[+] Role: Independent Security Researcher
[+] Bug bounty hunting: ACTIVE
[+] OSCP tayyorgarligi: JARAYONDA
[+] OSCP preparation: IN PROGRESS
[+] Freelance pentest: OCHIQ
[+] Freelance pentest: OPEN

└─$
50+
Machines Pwned
Machines Pwned
13
Writeuplar
Writeups
3
CVEs / Buglar
CVEs / Bugs
2
Sertifikatlar
Certifications

writeups

Proving Grounds / HTB
Medium Linux PG Practice
DC-1
Drupal 7 Drupalgeddon RCE orqali initial access, find SUID orqali root privilege escalation.
Initial access via Drupal 7 Drupalgeddon RCE, root privilege escalation via find SUID.
Drupal Drupalgeddon SUID Metasploit
Medium Linux PG Practice
BBSCute
CuteNews 2.1.2 RCE orqali initial access, hping3 SUID orqali root privilege escalation.
Initial access via CuteNews 2.1.2 RCE, root privilege escalation via hping3 SUID.
CuteNews RCE SUID hping3

projects

Tadqiqot va Lablar Research & Labs
Red Team Windows AD Enterprise Lab Enterprise Lab
AD Offensive Attack Simulation
Enterprise AD muhitida to'liq kill chain — Kerberoasting, ACL Abuse, DCSync. OPSEC-focused, Living off the Land metodologiyasi.
Full kill chain in an enterprise AD environment — Kerberoasting, ACL Abuse, DCSync. OPSEC-focused, Living off the Land methodology.
ActiveDirectory Kerberoasting DCSync LotL

skills

Red Team / AD
Kerberoasting / AS-REP
BloodHound / PowerView
Pass-the-Hash / PTT
Lateral Movement
Web Hujumlar
Web Attacks
SQLi / Manual
File Upload Bypass
LFI / Log Poisoning
SSRF / XXE
Tools
Impacket Suite
Burp Suite
Chisel / Tunneling
Metasploit
Evasion / OPSEC
AMSI Bypass
EDR Evasion (LotL)
In-Memory Execution
AV Signature Bypass

certifications

CRTP — Certified Red Team Professional
Altered Security
✓ Tugallandi ✓ Completed
PJPJ — PentesterLab
PentesterLab
✓ Tugallandi ✓ Completed
OSCP — Offensive Security Certified Professional
OffSec
⟳ Jarayonda ⟳ In Progress

blog

2026-05-14 AD Honeypot: Qopqon San'ati va Uning Badali AD Honeypot: The Art of the Trap and Its Cost

contact

GitHub
github.com/komilov-infosec
Email
a_komilov.sec@proton.me