Anthony Contreras.


whoami

I’m Anthony Contreras — a penetration tester and Computer Science Engineering student at Escuela Politécnica Nacional (Ecuador), specializing in offensive security.

I focus on Active Directory exploitation, malware development, and building offensive tools that run on both x86_64 and ARM architectures. When I’m not hacking, I’m writing about it here.


Certifications

Certification Issuer Status
CPTS — Certified Penetration Testing Specialist HackTheBox
CAPE — Certified AD Penetration Expert HackTheBox
eJPT — Junior Penetration Tester eLearnSecurity
Cisco Ethical Hacker Cisco
Malware Development Certifications Maldev

HTB ProLabs

Completed the following HackTheBox Pro Labs, which simulate real enterprise environments:


Technical Focus

Active Directory & Windows
Kerberoasting, AS-REP Roasting, DCSync, NTLM relay, Pass-the-Hash/Ticket, Golden/Silver Tickets, ADCS ESC1–ESC8, trust attacks, SCCM exploitation, DNSADMINS, GPO abuse.

Malware & Evasion
PE structure, AMSI bypass, ETW patching, process injection, UserLand vs KernelLand, shellcoding, reverse engineering with Ghidra/IDA.

Offensive Tooling
Building tools in C/C++ targeting x86_64 and ARM — focused on portability across architectures and modern evasion techniques.

Web Exploitation
SQLi, XSS, XXE, LFI/RFI, SSRF, IDOR, deserialization. OWASP-based methodology, Burp Suite workflows.

C2 & Post-Exploitation
Sliver C2, Ligolo-ng tunneling, lateral movement via WMI/WinRM/DCOM/SMB.


Tools & Stack

Impacket CrackMapExec BloodHound Rubeus Mimikatz Sliver Metasploit Burp Suite
Nmap Responder Hashcat Ghidra GDB/pwndbg Python C/C++ Bash


Networks