Welcome
Welcome to AllMindSecurity! This site is dedicated to building and sharing
practical security tooling and infrastructure, and to solving problems I've
encountered during my offensive security journey. I want to share
step-by-step guides and reproducible labs so you can experiment, adapt,
and apply them directly in your own environment.
This site is where I document the parts I can share publicly: lessons learned, lab patterns, and “how I think” when approaching security engineering problems.
I'll cover some of my lab setup that includes Azure (Entra, Defender, MDE), Docker, and IaC with Terraform and Bicep. You’ll also find
red-team–focused engineering: from payload development and anti-debugging techniques to building out weird projects.
Everything is shared with the goal of giving back to the cybersecurity community and helping solve real problems.
Check out the latest articles to get started.
Projects
A high-level snapshot of notable projects and builds across offensive security, lab engineering, and automation.
- Python Tkinter Automated Loader: Built in Python with Tkinter to reduce build/release time for engagement-ready loaders.
  C2-platform agnostic, MSVC-based builds, configurable execution modes, and toggles for entropy-aware and anti-analysis build options—designed
  for safe, repeatable compilation.
- Flask Automated Logging Solution: Flask app with custom HTML/CSS/JS to streamline operational logging and reduce manual
  licensing/administrative overhead. Containerized with Docker and served via Gunicorn; ingests logs and organizes them into activity-based views.
- Flask Automated Loader Generator: A containerized web UI (Flask + custom HTML/CSS/JS) to generate consistent builds across
  different toolchains (including GCC/MinGW), focused on repeatability and signature diversity.
- Beacon Object File Development: A set of operator tools meant to solve specific problems in our environments based on higher agency requirements.
  - Chunker: Chunks files/directories based on user-defined sizing and supports encrypted packaging for transport/storage.
  - CheckSigned: Validates whether binaries are signed (including handling cases beyond simple catalog-based checks).
  - SuspendLog: Targets specific process threads and suspends them to suppress host logging.
  - Custom Inline-ExecuteAssembly: .NET execution that uses a custom implementation of ETW and AMSI patching.
  - archiver: Walks a directory recursively, builds a table of contents (max 2048 files, 260-char paths), and writes raw file data into one archive.
  - eraser: Performs five passes (0x00, 0xFF, random, 0xAA, random) with a 4 KB buffer, flushing after each pass. Truncates the file to zero length and then deletes it; reports each pass plus final status.
  - recursive-dir: Recursive directory search utilities with operator-defined filters.
- Front/Back End: Multiple web pages supporting internal red team activities using Apache2/Nginx/PHP and cloud services
  (Azure/AWS, including Lambda and load balancers).
- Numerous custom loaders: Cross-language implementations (C, C++, C#, PowerShell, Java, Python) with a focus on modularity,
  repeatable builds, and controlled lab validation.
- Azure cloud-based attack environment: Built a lab environment with Microsoft Defender P2 and Business Premium P2 licensing tiers to validate
  detection visibility and tune safe, repeatable testing workflows.
About Me
I’m a Cyberspace Air Force Veteran with 15+ years of experience across cybersecurity and engineering, including software development, cloud security
architecture, internal auditing, and red teaming. I’ve held numerous leadership roles supporting enterprise-scale network operations, compliance programs,
and led a 40-person team aboard the National Airborne Operations Center supporting bespoke mission-critical national networks and global command-and-control
communications.
I like building practical solutions: reproducible labs, automation, and tools that enhance workflows.
I use LLMs as a pair programmer to accelerate syntax, boilerplate, and iteration, but I own the engineering design end-to-end:
requirements, architecture, security tradeoffs, testing, and deployment. The result is faster delivery and cleaner execution—turning
an idea into a working, maintainable product quickly.
Certifications: CRTL, CRTID, AT-RTO, CRTO, CARTP, CRTP, OSCP, CISSP, CEH, Security+, Linux+, MS-900
Military Training
- Undergraduate Cyber‑Warfare Training
- Advanced Network Operations Officer Course
- Carnegie Mellon SEI Cyber 200 ADL Labs
Industry Training
- SpecterOps / Black Hat — Adversary Tactics: Red Team Operations
- AntiSyphon — HackerOps: Red Team Infrastructure as Code
- Sektor7 — Malware Essentials / Intermediate Development / Windows Evasion
- Binary Offensive — Modern Initial Access and Evasion
- MalDevAcademy — Malware Development
- Hack The Box Pro Labs — Zephyr
- White Knight Labs — Offensive Development and Advanced Red Team Operations
Articles
Deep dives, lab notes, and practical guides you can replicate in your own environment.
A 3-part series: setup → networking → tooling. Work in progress.
Extending your homelab into cloud resources from behind NAT. Work in progress.
Project structure, access control, and workflow patterns for GitLab CE.
Publishing internal services securely via Cloudflare Tunnel. Work in progress.
We break down what entropy is and how it can be used as a detection point.
Setting up and streamlining your debugging lab. Work in progress.
Building and running LLMs locally. Work in progress.