XDMR
📦 XMDR
WhoAmI
┌──(andrew㉿kali)-[~/ctf]
└─$ cat profile.txt
Name: Andrew Kapaldo
Location: USA-WV
Role: Security Researcher | CTF Player
Certifications: CompTIA A+, Network+, Security+, Pentest+, (ISC)² SSCP, CCSP
┌──(andrew㉿kali)-[~/ctf]
└─$ ./get_skills.sh --list-domains
[+] Core Competencies:
├── Web Application Security
├── Digital Forensics
├── Network Analysis
└── OSINT & Reconnaissance
[+] Languages & Tools:
├── Python (Scripting & Exploit Dev)
├── PowerShell (Windows Security)
├── Bash (Linux Administration)
├── Burp Suite, Wireshark, Ghidra
└── Metasploit, SQLmap, Nmap
┌──(andrew㉿kali)-[~/ctf]
└─$ █
About Me
I'm a technology enthusiast with a passion for cybersecurity and CTF competitions. With certifications in CompTIA A+, Network+, Security+, Pentest+ and (ISC)² SSCP and CCSP, I enjoy tackling complex security challenges and documenting my learning journey through detailed writeups.
When I'm not breaking into virtual machines or solving cryptography puzzles, I volunteer with my local search and rescue team helping find lost and missing persons. I believe in using technology to make people's lives better and safer.
This site serves as my knowledge base and portfolio, documenting CTF challenges from platforms like HackTheBox, TryHackMe, Huntress CTF, and others.
Recent Writeups
Recent Achievements
(ISC)² SSCP
Systems Security Certified Practitioner - Entry level security certification
CompTIA Security+
May 2021 - Core security principles and best practices
CompTIA Network+
June 2022 - Network infrastructure and troubleshooting
What I'm Working On
🔍 Currently Exploring:
- Developing custom Python tools for CTF automation
- Deep diving into Windows privilege escalation vectors
- Building a home lab for malware analysis
📚 Learning Goals:
- CISSP Certification (2026)
- MS Business Cybersecurity Management (2026)
- Advanced web application penetration testing
- Reverse engineering and malware development
Categories
Explore writeups by category:
- 🌐 Web Exploitation - SQL injection, XSS, SSRF, and more
- 💾 Binary Exploitation - Buffer overflows, ROP chains, format strings
- 🔐 Cryptography - Ciphers, encoding, cryptanalysis
- 🔍 Forensics - Memory dumps, disk analysis, steganography
- 🦠 Malware Analysis - Reverse engineering malicious software
- 🕵️ OSINT - Open source intelligence gathering
💡 Want to connect?
Feel free to reach out via GitHub or LinkedIn. I'm always happy to discuss security topics, CTF strategies, or collaborate on projects!
Recent Posts
Webshellz
🔍 Webshellz
Verify You Are Human
🐞 Verify You Are Human
VX-Underground
📦 vx-underground
Trust Me
📦 Trust Me