About

I’m Emir Buğra Erdoğan, a security researcher and red teamer focused on offensive security and penetration testing.

This blog serves as my personal knowledge base where I document techniques, tools, and methodologies related to:

• Web Application Security
• Active Directory Exploitation
• Red Team Operations
• Penetration Testing Methodologies
• Offensive Security Tools & Techniques

Background

• Security Researcher at Siber Vatan, Team Delta
• President of Ondokuz Mayis University’s Free Software and Open Source Community
• Former CTI Analyst Intern at DNG-Tech
• Former Cybersecurity & System Administration Intern at Ondokuz Mayis University

Technologies & Tools

Offensive Security:

• Burp Suite, Metasploit, Nmap, BloodHound
• Havoc Framework, GoPhish
• Bash, PowerShell, Python

Development:

• Go, C/C++, Python
• Custom tooling and automation

Infrastructure:

• Linux, Windows, Active Directory
• Docker, Proxmox
• Raspberry Pi

Research Interests

Web Application Security
Complex vulnerability chains and business logic exploitation, OWASP Top 10

Adversarial Simulation
AD attack paths, post-exploitation, and defensive bypasses

Cyber Threat Intelligence
Developing custom OSINT frameworks and recon engines in Go

Linux System Administration
Managing and securing Linux-based systems infrastructure

Custom Tooling
Red team tooling and automation

What You’ll Find Here

This site contains technical write-ups, cheat sheets, and research notes covering various offensive security topics. The content is primarily focused on practical exploitation techniques and real-world attack scenarios.

Connect

Feel free to reach out or follow my work:

• GitHub: github.com/emirbughra
• LinkedIn: linkedin.com/in/bughra
• X (Twitter): @bughra
• Email: contact@bughra.dev

Disclaimer

All content on this blog is for educational and authorized testing purposes only. Always obtain proper authorization before testing any systems or networks.

Built with Astro and AstroPaper