Zyad Elsayed Abdelbary
Offensive Security Enthusiast | Pentester | Red Team Mindset
“In the code’s silence, I find the flaws. In the system’s chaos, I build control.”
Security practitioner focused on breaking, building, and hardening systems — from web apps to enterprise Active Directory. Currently focused on red teaming, adversary simulation, and C2 & malware research (research and testing performed only in authorized, legal environments).
When not dissecting exploits, you’ll find me:
- ๐ฎ playing tactical shooters like Rainbow Six Siege and Valorant
- ๐๏ธ watching Formula 1
- โ caffeinating my way through PowerShell and Python scripts
| Domain | Expertise |
|---|---|
| Offensive Security | AD Exploitation, Lateral Movement, Privilege Escalation |
| Web Application Security | OWASP Top 10, API Security, Source Review |
| Infrastructure | Network Recon, Threat Simulation, Detection Evasion |
| Tooling & Scripting | PowerShell, Bash, Python |
| Automation & IaC | Docker, CI/CD Security, Environment Hardening |
Toolbox:
PowerShell • Burp Suite • BloodHound • Metasploit • Impacket • Responder • Certipy
- ๐ ๏ธ SecureShell-Pro — Remote browser terminal (Chrome extension + server) with TLS/WSS, session logging, and admin controls.
- ๐งช OSEP — Notes & Payloads — Curated study material for post-exploitation and evasion.
- ๐งฉ Get-SecurityInfo — PowerShell recon toolkit for host & domain snapshots (AD, ACLs, system config).
- โ๏ธ vtotalenum — VirusTotal-driven subdomain enumerator for automated triage.
- ๐ฅ CVE-2023-42793 — TeamCity RCE PoC demonstrating exploit validation and mitigations.
Focused on offensive tooling, AD misconfig abuse, and automated recon frameworks.
- ๐ฅ Hack The Box – Elite Hacker Tier (Top 1.5%)
- ๐ง Completed multiple pro labs (Dante, Zephyr, Offshore)
- ๐จ๐ซ Led security circle trainings & red team workshops
- ๐งฉ Built custom CTF challenges (Web, Network, AD)
๐ฎ Tactical gamer at heart:
→ Rainbow Six Siege | Valorant | Battlefield
๐๏ธ F1 addict:
→ Strategy, speed, and precision = life principles
โ Coffee + Code + Chaos = Perfect Day
All tools, PoCs, and write-ups in this repo are intended for educational and authorized-penetration testing only. Do not use them against systems you do not own or have explicit permission to test. If you discover a vulnerability, follow responsible disclosure practices.
- ๐ Portfolio/Blog: b4l3ri0n.github.io
- ๐ฆ X/Twitter: @B4l3rI0n
- ๐ผ LinkedIn: Zyad Elsayed Abdelbary
“Stay stealthy. Stay curious. Hack. Learn. Repeat.”
© 2025 B4l3rI0n. Built with โค๏ธ and caffeine.