Biscotti Diskette

HackTheBox | TryHackMe

Purple Team Security Analyst | OSCP-Certified

Former Pentester → Current Blue Team Operations

I break systems to understand how to defend them.

Experience:

🔴 Red Team: 64 offensive labs | OSCP | Web exploitation

🔵 Blue Team: 19 defensive challenges | Threat hunting | Incident response | Malware analysis

🟣 Purple Team: IR playbook development | Detection rules (coming soon)

Current Focus:

  • Blue team operations & incident response
  • TCM Practical Junior Malware Analyst (In Progress)
  • GIAC Certified Incident Handler (GCIH Prep - Exam Q1 2026)

Skills: Web Security • CTF • Linux • Python • Networking • SOC Analysis • Incident Response
Exploring: Reverse Engineering • Advanced Malware Analysis • Exploit Development • Detection Engineering

I focus on securing web applications and am currently expanding my skills in malware analysis and detection engineering. Through offensive challenges (HTB, THM) and defensive scenarios (Sherlocks, CyberDefenders, BTL), I develop a complete understanding of both attack and defense.

My offensive background gives me unique insight into attacker methodology, which I now apply to building better detections, alert management, and responding to incidents.

Beyond Security

When I’m not breaking (or defending) systems, I’m training Muay Thai and learning the Thai language. The discipline required for both martial arts and language learning translates directly to security work: pattern recognition, iterative improvement, and the patience to work through complex problems.

Read: Learning Thai and Why It Matters →