Sass Péter

Founder

Polgár, Hajdú-Bihar, Hungary2 mos experience

Key Highlights

Top 260 global HTB Elite Hacker.
Expert in realistic attack simulations and reporting.
Experienced in multi-cloud red teaming and detection engineering.

Stackforce AI infers this person is a Cybersecurity Specialist with a focus on Red Team Operations and Penetration Testing.

Contact

Skills

Core Skills

Web Application SecurityRed Team OperationsTraining And Development

Other Skills

Kali LinuxOSINTActive DirectoryWeb exploitationC2 infrastructureOpenVPNMkDocsScoring APIApp PenTestingExploit FrameworksWeb SecurityRed Team ToolsAttack Surface AnalysisAPI Security AssessmentOffensive Security Tool Mastery

About

Red teamer & pentester with a detection-aware mindset. I design realistic attack simulations across AD/Entra, web exploitation, pivoting/tunneling, and C2/OPSEC, then map impact to MITRE ATT&CK and business risk. HTB Elite Hacker (Top ~260 global, 55+ boxes) and CTF/Lab creator — I learn by building and deliver clear reports (exec summary + technical steps + detections & hardening). Certs: CWL CRT-ID, Multi-Cloud Red Teaming Analyst, Multi-Cloud Red Teaming Analyst, Google Cybersecurity. Open to: fully remote red team/pentest roles and project work. Portfolio: nosecpwn.eu • Sample report available on request.

Experience

Nosec ai

Founder & Lead Developer

Jan 2026 – Present · 2 mos · Ungheria · On-site

Self-empolyed

2 roles

Cyber Security Analyst

Sep 2025 – Present · 6 mos

Kali LinuxWeb Application Security

Offensive Security Analyst | Red Team Trainee (Freelance)

May 2025 – Sep 2025 · 4 mos · Polgár, Hajdú-Bihar, Hungary · Remote

Plan and execute realistic red team exercises end-to-end: scope/ROE, objectives, and reporting.
Build complete attack chains: OSINT → initial access (web vulns, misconfigs) → privilege escalation → lateral movement → objectives.
Active Directory/Entra focus: Kerberos/ACL abuse, BloodHound pathing, constrained delegation, privesc and DC-sync paths.
Pivoting without SSH: design covert tunnels (ligolo-ng/chisel/socat), SOCKS chains, and port-forwarding while maintaining OPSEC.
C2 & infra: stand up disposable C2 (e.g., Sliver/Mythic), redirectors, staging, and logging with strict OPSEC checklists.
Web exploitation: IDOR, XSS, SQLi, SSRF, LFI/RFI, file upload, deserialization; write PoCs and safe repro steps.
Write concise executive summaries + deep technical reports mapping to MITRE ATT&CK with detections and hardening actions.
Build and maintain practice labs/CTFs (OpenVPN distribution, scoring API, MkDocs portal). Publish write-ups and training notes.
HTB Pro Hacker (Top ~380, 50+ boxes) — ongoing research and public write-ups.
Tech: AD/Entra, BloodHound, Impacket, Kerberos, LDAP, Sliver/Mythic, ligolo-ng, chisel, socat, Burp Suite, Nmap, Python, Bash, Linux, Windows, Nginx.