Open to full-time pentesting opportunities & freelance engagements

whoami

Contact: 863-230-3028
Location: Florida, United States
~~~~~~~~~~~~~~~~~~~~~~~~
Hello, and welcome to my website. My name is Ryan.

This site serves as the following:

– My professional & comprehensive resume.
– A public blog of my continuous journey in the cybersecurity field with major focus on Red Team Tactics.
~~~~~~~~~~~~~~~~~~~~~~~~
Tap or click here to see my certifications, experience, & education as a single PDF file

Please use the methods I’ve provided on this site to make initial contact with me.

Pentesting

Erratic Powershell Command Execution

(I recommend 2X speed when watching.) Command execution errors 10 times (red text appears on the big screen after each command execution finishes); on the 11th execution the reverse shell completes successfully, as seen on the little Pi’s screen.

#After discovering my split rev shell scheduled task (dirty drive persistence) was getting blocked by Windows Defender, I tried altering the script many times and got inconclusive results. I came to realize it was working properly after executing the script/commands 11 times. At the time of this note I do not know what causes this, and the number of times it must be executed before it’s allowed through the antivirus differs for different computers (I tested my personal HP laptop and my work Lenovo laptop. The Lenovo seems to only need 3 or 4 executions, and sometimes works the 1st time). I do not know if it’s an OS, PowerShell, or other software version issue.

—Got this out of my codex, so this is from a few years ago. I need to revisit the mystery…

—Text above that starts with a hashtag is from my codex notes.

In the video:

—The little screen is the Raspberry Pi listening for an inbound connection with ncat. (It’s a reverse shell scenario.)

—On the computer running Windows and PowerShell, the commands for a reverse shell are being injected with a HID keyboard injector, which is coded to repeat the same set of actions so I didn’t have to do it manually.

Rolling Key Code

Practicing some tactics to abuse Rolling Key Code and replay an RF signal to unlock a vehicle. FYI, there is nothing wrong with this vehicle’s security system or RKC implementation. It used to be that key fobs would always send the same message to the vehicle, so the button that pops the trunk had its own message, the unlock button had its own message, and so on for the other buttons. This made them easy to hack with replay attacks of the captured RF signal. Rolling Key Code is the answer to that problem and has been in use on all modern vehicles for quite some time now. Vehicles from the 90s and before may still be vulnerable to replay attacks, though.

So what’s going on in this video then?

The trick to stealing a usable RKC requires that the receiver on the inside of the vehicle MUST NOT “HEAR” the signal when a button on the key fob is pressed, because that’s what makes the RKC roll. Both the key fob and the receiver in the vehicle have already negotiated the algorithm to be used for creating one-time-use keys.

So, to exploit RKC, one must capture the signal from a key fob while preventing the signal from reaching the vehicle. Once the vehicle gets the replayed message from you, the signal will be valid, but it’s also one-time use, so it’s kind of a one-and-done situation. Also, at any time the key fob transmits and the vehicle receives the signal, the RKC just moves ahead based on the last one sent, and now the bad actor’s captured signal from the key fob is behind in its order of usage, making it invalid.
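The counter-window logic behind the three situations just described (a heard code replayed, a code the car never heard, and that same code after a later press is heard), as an added example that is not the author’s code and not any vehicle’s real scheme; the keyed-MAC construction, the window size and the shared secret are all assumptions chosen to make the behaviour visible:

```python
import hashlib
import hmac
# Constructed, simplified rolling-code model (no vendor's real scheme): fob and receiver
# share a secret and a counter, and each press authenticates the next counter value.
WINDOW = 16  # receiver accepts codes up to this far ahead of the last one it heard
SECRET = b"constructed shared secret"  # placeholder; real fobs use a per-device key


def _tag(secret, counter, button):
    return hmac.new(secret, f"{counter}:{button}".encode(), hashlib.sha256).hexdigest()


class Fob:
    def __init__(self, secret):
        self.secret, self.counter = secret, 0

    def press(self, button):
        self.counter += 1  # rolls on every press, whether or not the car hears it
        return {"counter": self.counter, "button": button, "tag": _tag(self.secret, self.counter, button)}


class Receiver:
    def __init__(self, secret, window=WINDOW):
        self.secret, self.window, self.last = secret, window, 0

    def accept(self, msg):
        if not hmac.compare_digest(_tag(self.secret, msg["counter"], msg["button"]), msg["tag"]):
            return False  # forged or corrupted
        if not (self.last < msg["counter"] <= self.last + self.window):
            return False  # already used (replay), or too far ahead to trust
        self.last = msg["counter"]  # everything at or below this counter is now dead
        return True


def replay_of_heard_code():
    fob, car = Fob(SECRET), Receiver(SECRET)
    m1 = fob.press("unlock")
    car.accept(m1)         # fresh press: unlocks
    return car.accept(m1)  # same message again: False


def unheard_code_before_next_press():
    fob, car = Fob(SECRET), Receiver(SECRET)
    car.accept(fob.press("unlock"))
    m2 = fob.press("unlock")  # the car never receives this press
    return car.accept(m2)     # delivered later, still inside the window: True


def unheard_code_after_next_press():
    fob, car = Fob(SECRET), Receiver(SECRET)
    car.accept(fob.press("unlock"))
    m2 = fob.press("unlock")         # never received by the car
    car.accept(fob.press("unlock"))  # but this later press is received
    return car.accept(m2)            # m2 is now behind the receiver: False
```

The receiver's window is what gives an unheard code its short life, and the monotonic counter is what kills it the moment a later press gets through.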

Evil twin WiFi infrastructure

—For Pentesting and educational purposes only.

Yes, it’s bulky, but I was mostly concerned with successfully completing my proof of concept, which uses different hardware for different tasks. The Raspberry Pi or the yellow router with OpenWrt could be used alone to handle all the tasks. Now I’ll get to the details of my cutting board evil twin setup as seen in the video, and yes, that is a cutting board, haha.

-Each device on the cutting board has a specific job in this setup.

  • The power strip can connect to the 12V adapter to easily run from a vehicle.
  • Internet access is provided when the yellow router tethers to a device that supports OTG (On-The-Go), such as a smartphone or dongle connected to the USB port. My OTG adapter/dongle/smartphone is not seen in the video, but it would connect to the USB port of the yellow router.
  • The Netgear router (biggest rectangular object on the cutting board) is running in AP mode, so it’s just acting like a network switch for air-gapped devices. It’s connected to the network switch (a layer 3 switch with port mirroring).
  • The TRENDnet port mirroring switch is mirroring traffic from the Netgear AP and the yellow router to the Raspberry Pi.
  • The Raspberry Pi is ingesting the mirrored traffic with either tcpdump or Wireshark.
  • I also terminated the purple UTP Cat5e (maybe Cat6) cable with RJ45 ends using the TIA/EIA-568B standard.