Hello! I am a Computer Science student pursuing a career in offensive cyber security. (Most of the data listed below on this website is simply mock data to fill out in the future).

Breaking things (safely), then learning how to fix them.

CTF Player Bug Bounty Hunter Proof of Concept Expoliter Multiple Computing Languages

See Projects Get In Touch

About Me

Who am I?

I am a computer science student focused on penetration testing and red teaming. I like building VM Labs, and expoiting them in different ways. I am also capable of scripting in multiple computing languages, including Python, Bash, PowerShell, JavaScript, Ruby, and SQL.

Education & Training

DIP Computer Science - Expected 2025
TryHackMe - Jnr. Penetration Tester 2025
CompTIA - PenTester+, Red Team Pro 2024

Skills

Offensive Skills

Penetration Testing
Red Teaming
Vulnerability Assessment
Exploit Development

Scripting Languages

Python
Bash
PowerShell
JavaScript
Ruby
SQL

Tools

Burp Suite
Metasploit
Nmap
Wireshark
OWASP ZAP

Reporting Skills

Technical Writing
Documentation
Presentation Skills

Soft Skills

Team Collaboration
Problem Solving
Adaptability
Time Management

Operating Systems

Linux (Kali, Ubuntu)
Windows
macOS

Projects

WebApp Exploit Lab

Role: Offensive | Techniques: SQL, SSRF, Session fixation

Built a vulnerable e-commerce app in a local lab and documented exploit chain + hardening checklist.

WebOWASPDocker

GraphQL Checkout Exploit

Role: Offensive | Techniques: GraphQL Injection, JWT Auth. Bypass

Built a vulnerable GraphQL checkout API and exploited introspection/injection/mutation.

WebGraphQLAPI

Kerberoast to Domain Admin

Role: Offensive | Techniques: Kerberoasting, Privilege Escalation

Exploited Kerberos authentication to obtain service tickets and escalate privileges to Domain Admin.

ADKerberosPrivilege Escalation

Smart Camera Firmware Backdoor

Role: Offensive | Techniques: Firmware Reversal, Backdoor Installation

Extracted and reverse-engineered camera firmware to find an unauthenticated telnet/debug backdoor and PoC remote control; includes firmware hardening steps.

IoTFirmwareBackdoor

EternalBlue Exploit

Role: Offensive | Techniques: SMB Exploitation, Remote Code Execution

Developed a proof-of-concept exploit for the EternalBlue vulnerability in SMBv1, allowing for remote code execution on vulnerable Windows machines.

WindowsSMBExploit

SSTI Template RCE

Role: Offensive | Techniques: Server-Side Template Injection

Exploited a server-side template injection vulnerability to achieve remote code execution.

WebSSTIRCE

Zigbee Replay Door Unlock

Role: Offensive | Techniques: Zigbee Replay Attack

Conducted a replay attack on a Zigbee-enabled door lock to unlock it without authorization.

IoTBackdoorMQTT

Privileged Helm Host Escape

Role: Offensive | Techniques: Kubernetes, Privilege Escalation

Exploited a misconfigured Helm chart to escalate privileges within a Kubernetes cluster.

CloudHelmKubernetes

NTLM Relay

Role: Offensive | Techniques: NTLM relay, SMB/LDAP relay, AD CS abuse, certificate-based escalation

Relayed captured NTLM auth to an AD CS enrollment service to obtain a forged machine certificate and gain domain access.

ADNTLMKerberos

MQTT Broker Takeover

Role: Offensive | Techniques: MQTT, IoT

Gained unauthorized access to an MQTT broker and manipulated IoT devices connected to it.

IoTMQTTBroker

Azure SAS Token Misissue

Role: Offensive | Techniques: Azure, SAS Token Misissue

Exploited a misconfigured Azure Storage account to obtain a SAS token with elevated privileges.

CloudAzureSAS

SQL Product Search

Role: Offensive | Techniques: SQL Injection

Conducted a SQL injection attack to extract sensitive product information from the database.

WebInjectionSQL

Contact Me

Get in Touch!

Feel free to reach out for collaborations, inquiries, or just to say hello!

Contact Information

Email: bryanheuir@gmail.com
LinkedIn: linkedin.com/in/bryanheuir
GitHub: github.com/14thMember
Location: Sydney, Australia