# About me ## About I'm Daniil Nababkin, a Ukrainian Offensive Security Specialist. My personal interests include: * Red Teaming & Adversary Simulation * Offensive Tooling Development * Reverse Engineering * Security Research * macOS / Windows Internals ## πŸ‡ΊπŸ‡¦ Support Ukraine πŸ‡ΊπŸ‡¦ [You can save lives, no matter where in the world you are.](https://war.ukraine.ua/support-ukraine/) ## Socials * [GitHub](https://github.com/cr7pt0pl4gu3) * [Twitter](https://twitter.com/cr7pt0pl4gu3) * [LinkedIn](https://www.linkedin.com/in/daniil-nababkin-88263b210/) ## Research * [ProxyAlloc: evading NtAllocateVirtualMemory detection ft. Elastic Defend & Binary Ninja](https://blog.cryptoplague.net/main/research/windows-research/proxyalloc-evading-ntallocatevirtualmemory-detection-ft.-elastic-defend-and-binary-ninja) * [Offset-free DSE bypass across Windows 11 & 10: utilising ntkrnlmp.pdb](https://blog.cryptoplague.net/main/research/windows-research/offset-free-dse-bypass-across-windows-11-and-10-utilising-ntkrnlmp.pdb) * [The dusk of g\_CiOptions: circumventing DSE with VBS enabled](https://blog.cryptoplague.net/main/research/windows-research/the-dusk-of-g_cioptions-circumventing-dse-with-vbs-enabled) * [Objective-C .dylib Reverse Engineering "gigavaxxed" with Binary Ninja & LLDB](https://blog.cryptoplague.net/main/research/macos-research/objective-c-.dylib-reverse-engineering-gigavaxxed-with-binary-ninja-and-lldb) * [Reverse Engineering and Demystifying \*OS Private Frameworks](https://blog.cryptoplague.net/main/research/macos-research/reverse-engineering-and-demystifying-os-private-frameworks) ## Certifications * [OSCE3](https://www.credential.net/d2416d55-c97d-4484-a54a-590fbe82fa93) | [OSMR](https://www.credential.net/5e06082b-a004-4632-8907-2d4e21f2b312) | [OSCP](https://www.credential.net/c644175d-738f-4f7f-b835-fb79118c7162) | [OSED](https://www.credential.net/e62f5915-2126-4d37-8980-d9c3cb4b2b75) | [OSEP](https://www.credential.net/fabc5f30-7e00-4631-9b00-4a9621534180) | [OSWE](https://www.credential.net/3001de48-f76b-4a80-a2e3-5d34a05637e9) | [OSWP](https://www.credential.net/92884c30-123c-4a2f-b9ac-1ec919230153) * [eWPTXv2](https://certs.ine.com/175c2e34-52d0-4224-a002-ea0779a68fc6) * [SEKTOR7 MDA 1](https://files.gitbook.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FqEHYs3J0lebZbZucvZkw%2Fuploads%2FD8iukNBnfwpNKAk3FDQ8%2FSEKTOR7_MDA.pdf?alt=media) | [SEKTOR7 MDA 2](https://files.gitbook.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FqEHYs3J0lebZbZucvZkw%2Fuploads%2FuSMTzy7r5bZv7v0fk27U%2FSEKTOR7_MDA2.pdf?alt=media) | [SEKTOR7 MDI](https://files.gitbook.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FqEHYs3J0lebZbZucvZkw%2Fuploads%2FUE1cjtWd4qW0fWFOK94w%2FSEKTOR7_MDI.pdf?alt=media) | [SEKTOR7 WE](https://files.gitbook.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FqEHYs3J0lebZbZucvZkw%2Fuploads%2FWOcJYSTGaIKzE4JZqiK8%2FSEKTOR7_WE.pdf?alt=media) * [HtB BlackSky: Hailstorm (AWS)](https://cr7pt0pl4gu3.github.io/assets/BlackSky_Hailstorm.pdf) * [HtB BlackSky: Cyclone (Azure)](https://cr7pt0pl4gu3.github.io/assets/BlackSky_Cyclone.pdf) * [HtB BlackSky: Blizzard (GCP)](https://files.gitbook.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FqEHYs3J0lebZbZucvZkw%2Fuploads%2Fs3ALTUrNV3EXVFR3Uosn%2FBlackSky%20Blizzard_Certificate.pdf?alt=media) * [CHMRTS](https://www.credential.net/133d04f2-2385-431d-9bef-e413fe3bc04a) | [CARTS](https://www.credential.net/e85c6571-3bc9-4cef-b3b8-f51aef980a63) | [CGRTS](https://www.credential.net/e99a820c-aace-4087-ac88-901da69e3dbf) * [HtB APTLabs (Red Team Operator Level III)](https://cr7pt0pl4gu3.github.io/assets/APTLabs.pdf) * [HtB Cybernetics (Red Team Operator Level II)](https://cr7pt0pl4gu3.github.io/assets/Cybernetics.pdf) * [HtB RastaLabs (Red Team Operator Level I)](https://cr7pt0pl4gu3.github.io/assets/RastaLabs.pdf) * [HtB Offshore (Penetration Tester Level III)](https://cr7pt0pl4gu3.github.io/assets/Offshore.pdf) * [CRTL](https://api.eu.badgr.io/public/assertions/_S04M3M1TE2Nsy-u4ZQYGw) | [CRTO](https://eu.badgr.com/public/assertions/5O-QRyBiTqKXmoU4K1iqlw) | [CRTS](https://www.credential.net/a4f04ae5-1bbd-4620-89de-d744adc5842a) * [Evilginx Mastery](https://files.gitbook.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FqEHYs3J0lebZbZucvZkw%2Fuploads%2FgxyRTgTuRccUgZNarGpg%2FEvilginxMastery.pdf?alt=media) * [VHL Advanced+](https://cr7pt0pl4gu3.github.io/assets/VHL_plus.pdf) | [VHL](https://cr7pt0pl4gu3.github.io/assets/VHL.pdf) * [Cisco Cybersecurity Essentials](https://www.credly.com/badges/4e311c24-4173-4ea7-811f-c2bd775c6f89/public_url) * [II place at the National Hackathon on Cyber Security of Ukraine (OSINT)](https://cr7pt0pl4gu3.github.io/assets/HXK3.pdf) ## Trainings * 2022 | Program Analysis for Vulnerability Research @ Margin Research, Vector35 * 2022 | Certified Hybrid Multi-Cloud Red Team Specialist (CHMRTS) @ Cyberwarfare Labs * 2023 | StealthOps: Red Team Trade-craft Targeting Enterprise Security Controls @ Cyberwarfare Labs * 2023 | Certified Google Cloud Red Team Specialist (CGRTS) @ Cyberwarfare Labs ## Peers * [tishina.in](https://redirect.cryptoplague.net/tishina) - Red Team Tradecraft Blog by [@zimnyaatishina](https://twitter.com/zimnyaatishina) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://blog.cryptoplague.net/main/home/about-me.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.