About Me

Hey — I'm birenk.

I'm a UK-based cybersecurity enthusiast who's been pulling threads in the security space for the better part of five years. This blog started as a personal notebook — somewhere to write up what I'd learned before I forgot it — and gradually turned into something more deliberate.

I spend most of my time across offensive security disciplines: red team methodology, Active Directory abuse, web application testing, and chasing flags on HackTheBox and TryHackMe. On the other side, I'm deeply interested in how defenders think — detection engineering, SIEM tuning, and making sense of the mountains of telemetry that modern environments produce.

Threat intelligence is another thread that runs through a lot of what I write. I find the adversary side of the problem genuinely fascinating — how campaigns are constructed, how infrastructure is spun up and torn down, and what the forensic artefacts tell us after the fact.

I write here because I believe technical knowledge should be accessible without being dumbed down. If something I've written saves you an hour, helps you understand an attack chain, or gives you one new query to add to your detection library — that's the goal.

I don't post on a fixed schedule. When something is worth writing up properly, I do. Everything here is published under my own name and reflects my own views — not anyone else's.


Technical Focus

Where I spend my time and how I'd rate my confidence across disciplines.

Penetration Testing: Advanced
Threat Intelligence: Advanced
Malware Analysis: Intermediate
Detection Engineering: Intermediate
Scripting (Python / Bash): Advanced
Cloud Security (AWS / Azure): Developing

How I Got Here

2020

Started the Blog

Launched Birenk as a personal knowledge base — a place to document CTF solutions and techniques before they slipped out of memory.

2021

First Certifications

Completed CompTIA Security+ and eJPT, solidifying foundational knowledge and shifting focus toward structured offensive methodology.

2022

Deep Dive into AD Security

Spent a significant stretch on Active Directory attack paths — Kerberos abuse, ACL exploitation, and trust relationship attacks. BloodHound became a daily tool.

2023

OSCP — Passed

One of the most demanding experiences — 24 hours, a handful of machines, and a lot of coffee. The process refined a structured, methodology-first approach.

2024

Expanded into Threat Intel

Began tracking threat actor infrastructure more systematically, incorporating OSINT pivoting, passive DNS analysis, and campaign attribution into writing.

2025 →

Ongoing

Continuing to learn, write, and share. Current focus areas: cloud-native attack surfaces, AI/ML security, and improving detection coverage in home lab environments.


What's in Regular Rotation

Tools I use and occasionally write about.

Nmap, BloodHound, Burp Suite, Metasploit, Wireshark, Ghidra, CrackMapExec, Impacket, YARA, Volatility, Sigma, Python, Bash, Shodan, Maltego, Responder, Nuclei, Mimikatz, theHarvester, Elastic SIEM