Offensive Security • Adversary Simulation • Active Directory Exploitation
I’m Velkris, a red team operator and cybersecurity researcher focused on enterprise Active Directory compromise and adversary emulation.
My work centers on:
- End-to-end AD attack chains and privilege escalation paths
- MITRE ATT&CK–aligned adversary simulations
- Tradecraft automation and operational tooling
- Detection validation via telemetry, logs, and control testing
I prioritize realistic adversary behavior, repeatability, and defender-relevant outcomes over tool-centric demonstrations.
Exploit behaviors, not vulnerabilities.
Assume detection exists. Validate it.
If it isn’t logged, it didn’t happen.
Adversary simulation is not about access — it’s about measuring security control effectiveness under realistic pressure.
These repositories are intentionally pinned to reflect real red team workflows, not CTF artifacts.
Primary adversary emulation workspace
- AD compromise paths
- ATT&CK-mapped tradecraft
- Detection notes & defensive observations
Binary offset inspection & tooling
- PowerShell-based operational utility
- Supports tradecraft research & obfuscation testing
Blue-team-aware red team research
- Event IDs
- Sysmon coverage gaps
- Attack → Detection mapping
- Kerberoasting, AS-REP Roasting, ticket & certificate abuse
- Privilege escalation chains across AD trust boundaries
- ATT&CK technique mapping with execution notes
- GPU-accelerated password auditing (Hashcat / RTX 3080)
- Automation tooling & SOP documentation
Actively exercised techniques include:
- Credential Access (T1003, T1558)
- Lateral Movement (T1021, T1550)
- Privilege Escalation (T1068, T1484)
- Persistence (T1098)
- Defense Evasion (T1070, T1562)
Coverage is documented per simulation with execution evidence and detection notes.
| Certification | Status |
|---|---|
| PNPT | ✅ Completed |
| PJPT | ✅ Completed |
| Security+ | ✅ Completed |
| CRTP | In Progress |
| CRTO | In Progress |
Planned Progression:
GPEN → CRTO II → CRTE → OSCP → OSEP → CRTM → CAPE → GXPN → OSED → OSEE
Kali Linux • Windows Active Directory • PowerShell • Python
BloodHound • Rubeus • Mimikatz • NetExec
Impacket • Responder • PsExec • Hashcat
Obsidian • GitHub Actions • pipx / venv
- Active Directory Enumeration & Abuse
- Kerberos & PKI Attack Surface Analysis
- Detection Evasion & Log Review (Sysmon / Windows Eventing)
- Threat Intelligence & ATT&CK Correlation
- Red Team Tooling & Automation
Automatically updated via GitHub Actions
- Updating Active Directory attack simulations
- Refining OffsetInspect tooling
- Documenting detection gaps and log artifacts
LinkedIn: https://www.linkedin.com/in/perry-jared-r
Portfolio: https://github.com/warpedatom/Red-Team-Portfolio
Email: velkris.unicorn494@passmail.net
© 2025 Velkris — Educational Red Team Research | MIT Licensed
All testing conducted in isolated lab environments for research and training purposes only.