About
whoami
I'm Mostafa Toumi, known online as EmSec. a cybersecurity practitioner focused on offensive security, penetration testing, and Active Directory attack research. I'm an HTB Content Creator, contributing original machine ideas and attack chains to the Hack The Box platform. I love simulating real-world attacks in my home lab, especially complex Active Directory environments where I can design, break, and harden infrastructure end-to-end. On this blog website, I publish writeups, security tutorials, and occasionally deep-dive walkthroughs. My weekly rhythm: every Friday and Sunday I sharpen my skills by practicing on Hack The Box.HTB Contributions
Machines I’ve authored and contributed to on Hack The Box:
| Machine | Difficulty | OS | Release Date |
|---|---|---|---|
| Infiltrator | Insane | Windows | 2024-08-31 |
| Sightless | Easy | Linux | 2024-09-07 |
| Trickster | Medium | Linux | 2024-09-21 |
| Haze | Hard | Windows | 2025-03-29 |
| Scepter | Hard | Windows | 2025-04-19 |
| RustyKey | Hard | Windows | 2025-06-28 |
| Mirage | Hard | Windows | 2025-07-19 |
| NanoCorp | Hard | Windows | 2025-11-08 |
| DevArea | Medium | Linux | 2026-03-28 |
| DanglingTree | Medium | Windows | 2026-06-18 |
HTB Business:
| Machine | Difficulty | OS | Release Date |
|---|---|---|---|
| EdgeAi | Medium | Linux | 2025-01-22 |
Core Expertise
Offensive Security & Penetration Testing
Active Directory attacks (Kerberoasting, RBCD, DACL abuse, ADCS ESC chains, Kerberos delegation), NTLM relay, DCOM lateral movement, GPO abuse, web application vulnerabilities (OWASP Top 10), and network protocol exploitation.Networking
TCP/IP, routing protocols (OSPF, BGP), VLANs, firewall configuration, VPNs, and network security hardening.Development & Scripting
Python3, Bash, C, HTML/CSS — used primarily for security tooling, CTF automation, and lab infrastructure. Experience with Scapy for packet-level scripting.Operating Systems
Kali Linux, Ubuntu, Windows Server (2016/2019), Parrot OS, CentOS — comfortable administering and attacking both Linux and Windows environments.Certifications
- CCNA: Enterprise Networking, Security, and Automation
- CCNA: Switching, Routing, and Wireless Essentials
- CCNA: Introduction to Networks
- CCNA Security
- Red Teaming — TryHackMe
- Jr Penetration Tester — TryHackMe
- CompTIA Pentest+ — TryHackMe
- CLA: Programming Essentials in C
- Bachelor of Science in Physics — July 2019
- Specialized Technician Diploma in Computer Network Techniques — July 2021
Profiles
What You'll Find on This Blog
- HTB machine writeups and walkthroughs
- Active Directory attack technique breakdowns
- Security tooling and scripting
- CTF challenge solutions
- Linux and Windows lab setup guides