Bd-Mutant7/README.md


🧠 Professional Summary

Peter Kariuki — Cybersecurity student and penetration testing practitioner based in Kenya 🇰🇪, focused on offensive security and ethical hacking.

  • 🎯 Specializing in Web Application Pentesting, Network Exploitation, and Vulnerability Research
  • 🏴 Active CTF competitor on TryHackMe, HackTheBox, and CTFtime
  • 🛠️ Building security tools and automation scripts with Python & Bash
  • 📋 Currently pursuing eJPT and CompTIA Security+ certifications
  • 🌱 2026 Goal: First bug bounty report + OSCP roadmap entry
  • 🤝 Open to collaborations on security research, CTF teams, and tool development
╔═══════════════════════╗
║   SECURITY PROFILE    ║
╠═══════════════════════╣
║  Role   : Red Teamer  ║
║  Base   : Kenya 🇰🇪    ║
║  Focus  : Offensive   ║
║  Status : Learning    ║
║  Mode   : Full Send   ║
╚═══════════════════════╝

🛡️ Core Skills

Offensive Security & Pentesting

Metasploit · Burp Suite · Nmap · Wireshark · Hydra · SQLMap · Gobuster · Hashcat · John the Ripper · Nikto

Languages & Scripting

Python · Bash · PowerShell · C · JavaScript

Platforms & Infrastructure

Kali Linux · Linux · Docker · AWS · VirtualBox · Git

Security Domains

| Domain | Topics |
|---|---|
| 🌐 Web App Security | SQLi · XSS · SSRF · IDOR · LFI/RFI · CSRF · JWT Attacks |
| 🔌 Network Pentesting | Port Scanning · MITM · Sniffing · SMB · FTP · SSH Exploitation |
| 🔐 Password Attacks | Brute Force · Hash Cracking · Credential Stuffing · Rainbow Tables |
| 📁 Privilege Escalation | LinPEAS · WinPEAS · SUID · Cron Jobs · GTFOBins · Kernel Exploits |
| 🕵️ OSINT & Recon | Google Dorks · Shodan · TheHarvester · Maltego · DNS Enumeration |
| 🐛 Vulnerability Research | CVE Analysis · ExploitDB · Nuclei · Manual Code Review |

🚀 Featured Projects

🔗 Browse all repositories →

⚔️ Red Team / Offensive

Network-Packet-Sniffer-GUI · Cybersecurity-Threats-Guide

🛡️ Blue Team / Defensive

awesome-privacy · anti-theft-charge


📝 CTF Writeups & Research

Documenting every machine, challenge, and vulnerability I learn from.

| # | Title | Category | Platform | Difficulty | Link |
|---|---|---|---|---|---|
| 01 | Coming Soon | Web Exploitation | TryHackMe | 🟢 Easy | |
| 02 | Coming Soon | Privilege Escalation | HackTheBox | 🟠 Medium | |
| 03 | Coming Soon | Network Pentesting | CTF Competition | 🔴 Hard | |

📌 Full writeup collection →


🎓 Certifications

| Status | Certification | Issuer | Target Date |
|---|---|---|---|
| 🟡 In Progress | eJPT — Junior Penetration Tester | INE / eLearnSecurity | Q2 2026 |
| 🟡 Studying | CompTIA Security+ | CompTIA | Q2 2026 |
| ⬜ Planned | CompTIA PenTest+ | CompTIA | Q3 2026 |
| ⬜ Planned | CEH — Certified Ethical Hacker | EC-Council | Q4 2026 |
| ⬜ Planned | PNPT — Practical Network Pentester | TCM Security | 2027 |
| ⬜ Planned | OSCP — Offensive Security Certified Pro | OffSec | 2027 |

🏆 Achievements & Stats



  


Platform Progress

| Platform | Focus | Sessions | Status |
|---|---|---|---|
| TryHackMe | Web, Networks, Privilege Escalation | Weekly | 🟢 Active |
| HackTheBox | Machines & Pro Labs | Weekly | 🟢 Active |
| PortSwigger | Web App Vulnerability Labs | Daily | 🟡 Ongoing |
| CTFtime | All Categories | Monthly | 🟢 Competing |

🛡️ Blue Team — Defense & Detection

"You can't defend what you don't understand. Red team to learn. Blue team to protect."

🔵 Defensive Toolset

Splunk · Elastic SIEM · Wazuh · Snort · Wireshark · YARA · Suricata · TheHive · Volatility · OpenVAS

🔵 Blue Team Domains

| Domain | Skills & Concepts |
|---|---|
| 📊 SIEM & Log Analysis | Splunk SPL · Elastic Stack (ELK) · Log Correlation · Alert Tuning |
| 🚨 Incident Response | IR Playbooks · Evidence Collection · Containment · Eradication |
| 🔬 Digital Forensics | Volatility · FTK Imager · Autopsy · Memory Analysis · Disk Imaging |
| 🌐 Network Defense | Snort/Suricata IDS · Firewall Rules · Traffic Analysis · Anomaly Detection |
| 🦠 Threat Intelligence | MITRE ATT&CK · IOC Analysis · YARA Rules · VirusTotal · OSINT |
| 🔒 Endpoint Security | Wazuh EDR · File Integrity Monitoring · AV Evasion Detection |
| 🕵️ Threat Hunting | Hypothesis-Driven Hunting · Sigma Rules · Timeline Analysis |

🔵 SOC Analyst Workflow

┌─── DETECT ────────────────────────────────────────────────────┐
│  SIEM Alerts → IDS/IPS Triggers → Anomaly Baseline Deviation  │
└──────────────────────────┬────────────────────────────────────┘
                           ▼
┌─── TRIAGE ────────────────────────────────────────────────────┐
│  Alert Validation → False Positive Filtering → Priority Score │
└──────────────────────────┬────────────────────────────────────┘
                           ▼
┌─── INVESTIGATE ───────────────────────────────────────────────┐
│  Log Correlation → IOC Lookup → TTPs Mapping (MITRE ATT&CK)   │
└──────────────────────────┬────────────────────────────────────┘
                           ▼
┌─── RESPOND ───────────────────────────────────────────────────┐
│  Containment → Eradication → Recovery → Lessons Learned       │
└───────────────────────────────────────────────────────────────┘

🔵 MITRE ATT&CK Coverage

Reconnaissance · Initial Access · Execution · Persistence · Privilege Esc · Defense Evasion · Lateral Movement · Exfiltration


🔧 Tools (Quick Reference)

| Category | Tools |
|---|---|
| 🔴 Scanners | Nmap · Masscan · Rustscan · Nikto · Nuclei |
| 🔴 Web Testing | Burp Suite · OWASP ZAP · SQLMap · ffuf · Gobuster |
| 🔴 Exploitation | Metasploit · ExploitDB · SearchSploit · msfvenom |
| 🔴 Password | Hashcat · John the Ripper · Hydra · Medusa · CeWL |
| 🔴 Post-Exploit | LinPEAS · WinPEAS · BloodHound · Mimikatz · Impacket |
| 🔴 OSINT | TheHarvester · Maltego · Shodan · Recon-ng · Sublist3r |
| 🔵 SIEM | Splunk · Elastic/Kibana · Wazuh · Graylog |
| 🔵 IDS / IPS | Snort · Suricata · Zeek · OSSEC |
| 🔵 Forensics | Volatility · Autopsy · FTK Imager · Binwalk · Strings |
| 🔵 Threat Intel | MISP · OpenCTI · VirusTotal · AbuseIPDB · Sigma Rules |
| 🔵 Traffic | Wireshark · tcpdump · NetworkMiner · Ettercap |
| ⚙️ Environment | Kali Linux · Parrot OS · Docker · VirtualBox · tmux |

📬 Contact

Platform Handle Link
📧 Email G-Mail
💼 LinkedIn Peter Kariuki
🐦 Twitter / X @BdMutant
🔐 TryHackMe peterkariukiwanj
💻 HackTheBox PKariuki007
💬 WhatsApp Text Only
🌐 Portfolio Live Site

"Security is not a product, but a process." — Bruce Schneier




Pinned

  1. Password-Analyzer (Public)

    HTML 18

  2. Modern-App-Color-Combos (Public)

    Research-backed color combinations for modern app development. Includes primary palettes, dark mode variants, luxury styles, and real-world case studies for 15+ app categories. WCAG compliant and …

    9

  3. Cybersecurity-Threats-Guide (Public)

    Cybersecurity Threats & Vulnerabilities Guide is a comprehensive educational resource that provides detailed documentation, detection scripts, and prevention strategies for various cybersecurity th…

    Python 13 2

  4. awesome-privacy (Public)

    Forked from Lissy93/awesome-privacy

    🦄 A curated list of privacy & security-focused software and services

    Astro 11 1

  5. PayloadsAllTheThings (Public)

    Forked from swisskyrepo/PayloadsAllTheThings

    A list of useful payloads and bypass for Web Application Security and Pentest/CTF

    Python 11 1

  6. recipe-book-app (Public)

    This app allows users to effortlessly manage their culinary creations

    TypeScript 10 1