available for engagements Chile

xH1@hackmetrix:~$ whoami

> xH1

Semi-Senior Offensive Security Engineer at Hackmetrix. I break into web apps and Active Directory environments, then turn the findings into clear, actionable reports.

press for the command palette

$ cat /etc/profile

xh1@hackmetrix: ~

xH1@hackmetrix:~$ cat /etc/profile

# ── operator profile ──

ROLE="Offensive Security Engineer (Semi-Senior)"

ORG="Hackmetrix"

LOCATION="Chile"

FOCUS="redteam,web-appsec,active-directory"

STUDYING="CPTS,OSCP"

xH1@hackmetrix:~$

Offensive Security Engineer focused on black/grey-box web and infrastructure pentesting.

Red Team operator: C2 tradecraft, Active Directory abuse, lateral movement and persistence.

I turn findings into clear, actionable reports and mentor junior members of the offensive team.

3+
years in offsec
7
certs earned
250+
labs completed
80+
HTB retired rooted

$ ls -la ~/certs

CRTO

Certified Red Team Operator

Zero-Point Security

CRTA

Certified Red Team Analyst

CyberWarFare Labs

AD-RTS

Active Directory Red Team Specialist

CyberWarFare Labs

WEB-RTA

Web Attacks Red Team Analyst

CyberWarFare Labs

eJPTv2

Junior Penetration Tester

INE Security

ISO 27001 LA

ISO/IEC 27001 Lead Auditor

PECB

THM JPT

Jr Penetration Tester

TryHackMe

~ in_progress/

CPTS

Certified Penetration Testing Specialist

HackTheBox

progress 99%

OSCP

Offensive Security Certified Professional

OffSec

progress 0%

$ ./load-toolkit.sh

Cobalt Strike

Commercial adversary-simulation C2 with Malleable profiles

Mythic

Modular, multi-agent collaborative C2 framework

Havoc

Modern open-source C2 with the Demon agent

Sliver

Cross-platform implant framework (mTLS/HTTP/DNS/WireGuard)

$ git log --oneline --career

  1. Offensive Security Engineer (Semi-Senior)

    current

    Hackmetrix

    Jan 2026 — Present

    • > Black/grey-box web and infrastructure penetration testing.
    • > Technical report writing and peer review of the team’s deliverables.
    • > Client advisory throughout the remediation lifecycle.
    • > Mentoring junior members of the offensive team.
  2. Red Team Specialist (Continuous Labs)

    HackTheBox & TryHackMe

    Ongoing

    • > APT simulation: C2 beacons, lateral movement, privilege escalation and persistence.
    • > OWASP Top 10 exploitation — XSS, SQLi, Path Traversal, CSRF, IDOR.
    • > Python automation for recon and exploitation workflows.
    • > Findings documented with CVSS 4.0 scoring and CWE mapping.
  3. Cybersecurity Engineering

    AIEP — Chile

    Expected Dec 2026

$ cat ~/.specializations

Red Team Ops

Adversary simulation from initial access to domain dominance.

  • C2 beacon operations
  • Lateral movement (PtH / PtT / WMI / WinRM)
  • Privilege escalation
  • Persistence & evasion
  • Pivoting & tunneling

Web AppSec

Deep manual testing of modern web applications and APIs.

  • SSRF & SSTI
  • Insecure deserialization
  • IDOR / broken access control
  • SQLi / XSS / CSRF
  • JWT & OAuth flaws

AD Attacks

End-to-end Active Directory attack paths and abuse primitives.

  • Kerberoasting / AS-REP roasting
  • AD CS ESC1–ESC8
  • Delegation abuse (RBCD / KCD)
  • NTLM coercion & relay
  • DCSync / trust abuse

$ ssh xh1@network

secure-shell

visitor@guest:~$ ssh xh1@network

The authenticity of host 'xh1 (linkedin)' can't be established.

ED25519 key fingerprint is SHA256:x48f...a1H1.

Are you sure you want to continue connecting? yes

[+] Connection established over the only open channel.

motd: available for professional collaboration & red team engagements.

Connect via LinkedIn

// for professional inquiries only