CLEO // Fox in the Machine

// interactive shell — cleo terminal v3.0

type help · try hack void.ctf

CLEO@VOID:~

REC

whoami ls skills ctf.log neofetch missions katana pantheon hack scan decrypt social help clear

sys // void

CPU---%

MEM---%

NET ↑↓--- kb/s

DISK---%

services

pantheon.local — ONLINE

katana.sh — ARMED

CPTS — IN PROGRESS

ScriptJackers — ACTIVE

identity.conf — NOT FOUND

live log

VOID

01 //

about cleo

I go by Cleo. A fox somewhere in the digital void — pentesting by study, winning CTFs by weekend, and questioning existence through Kafka and JoJo in between.

Currently pursuing a BCA in Cybersecurity, PJPT certified through TCM Security, and actively working toward CPTS via HackTheBox. Active Directory is my domain — literally. I built an Egyptian-themed one that runs 24/7.

I built Cleo's Katana — an automated recon pipeline that chains an entire attack surface discovery workflow. And I designed the Gotham CTF Series — four boot2root boxes wrapped in Batman lore, easy to hard.

I don't have a face you'd recognize. I have a terminal, a team (ScriptJackers), six CTF wins — two national — and a SOAD playlist that carries every late-night session.

// profile

BCA — Cybersecurity Specialization Pursuing
TCM Security PJPT Certified
HackTheBox CPTS In Progress
Active Directory & Network Pentesting Intermediate
TryHackMe — Easy to Insane Active
Egyptian AD Home Lab (PANTHEON.LOCAL) Running
Cleo's Katana — Recon Automation Tool Published

// persona

Team: ScriptJackers
6+ CTF wins — 2 national level
Mascot: Cleo the Fox (hacker goggles)
Fast learner, competitive, always building something
Operating from: the void

HACK

02 //

skills & tools

Red Team // Active Directory

AD Attack Techniques

KerberoastingAS-REP RoastingGolden TicketPass-the-HashPass-the-TicketNTLM RelayLLMNR PoisoningDCSyncBloodHoundMimikatz

Network Pentesting

Network Attack & Recon

NmapWiresharkResponderCrackMapExecMITM6IPv6 AttacksSMB Relay

Web Exploitation

Web App Attacks

Burp SuiteSQLiSSRFLFI/RFIJWT AttacksUpload BypassCommand InjectionFTP Exploitation

Privilege Escalation

PrivEsc & Post-Exploitation

SUID AbuseSudo MisconfigCron JobsPATH HijackingToken ImpersonationMetasploit

Automation // Recon

Custom Tools & Scripting

BashPythonPowerShellNucleiffufsubfinderamassEyeWitness

CTF Skills

CTF & Boot2Root

EnumerationRev EngOSINTSteganographyCryptoForensicsBox Design

03 //

CTF wins

6+

Total Wins

2

National Level

∞

Flags Captured

#	Event	Level	Team	Status
01	DIGIHUNT CTF	National	ScriptJackers	WIN
02	rootbreach CTF	National	ScriptJackers	WIN
03	Encrypted CTF	Open	ScriptJackers	WIN
04	RCS CTF	Open	ScriptJackers	WIN
05	Xploit404 CTF	Open	ScriptJackers	WIN
06	CyberThon CTF	Open	ScriptJackers	WIN

04 //

projects & labs

PANTHEON.LOCAL

// active directory home lab — egyptian gods domain — 1 DC · 2 workstations · 3-4 accounts — internal pentesting range

☥

RA

Domain Controller

⚖

OSIRIS

User Workstation 1

𓂀

HORUS

User Workstation 2

𓁢

ANUBIS

Service Account

// attack techniques practiced

NTLM RelayLLMNR PoisoningMITM6 / IPv6KerberoastingAS-REP RoastingGolden TicketPass-the-HashPass-the-TicketDCSyncBloodHound EnumerationPrivilege EscalationToken ImpersonationSMB RelayCredential Harvesting

GOTHAM CTF SERIES

// 4 boot2root boxes — batman & gotham city themed — easy to hard

#1

Front Gate Breach

[ EASY ]

#2

Funhouse Breach

[ MEDIUM ]

#3

Joker's Cargo Bay

[ MEDIUM ]

#4

Laughing Protocol

[ HARD ]

// recon automation — bash scripting

Cleo's Katana

github.com/cleozi/Cleo-s-Katana

An automated recon and vulnerability scanning pipeline. Chains subdomain enumeration (assetfinder, subfinder, amass), live host probing, port scanning, wayback URL collection, nuclei vulnerability scanning, directory fuzzing (ffuf), subdomain takeover detection, and optional visual recon (EyeWitness) — all in a single command. Forged for precision. Used without hesitation.

BashNucleiffufsubfinderamassnmapEyeWitness

View on GitHub

05 //

blog & writeups

CTF Writeup

Gatekeeper — from stray binary to SYSTEM

Started with nothing but an IP. Found a binary sitting in SMB, exploited a buffer overflow, pivoted through Firefox credentials, and escalated to SYSTEM.

Clean chain. No noise. Just execution.

read writeup → · ~8 min read

AD Technique

Kerberoasting to Domain Admin — the complete AD attack chain

SPN enumeration, ticket extraction, offline cracking, and lateral movement. The path from a low-priv domain user to DA that most beginners skip past.

coming soon · ~12 min read

Tool Breakdown

Building Cleo's Katana — automating the recon phase

Why I built a custom bash pipeline instead of running tools manually. What it taught me about attack surface mapping efficiency and signal-to-noise ratio.

coming soon · ~10 min read

CTF Design

Designing the Gotham Series — making boxes that don't suck

Lessons from creating four boot2root boxes from zero. The fine line between satisfying hard and unfairly frustrating, and why story wrapping changes everything.

coming soon · ~15 min read

CTF Writeup

DIGIHUNT CTF — national level, full breakdown

The challenges, the pivots, the moments it clicked. How ScriptJackers approached a national-level competition and walked away with the win.

coming soon · ~20 min read

// writeups dropping soon

[ the fox is writing — check back ]

06 //

hobbies & taste

♫

Band

System of a Down

SOAD plays while the AD lab runs. Aggressive, political, chaotic — the exact energy for a late-night pentest session. Every track hits like a buffer overflow.

♫

Artist

Serj Tankian

Serj's voice is what a kernel panic sounds like if it were beautiful. His solo work gets more experimental, less filtered, completely honest.

♫

Artist

Daron Malakian

The riff architect. Daron writes guitar parts like he's fuzzing a target that keeps throwing unexpected responses — chaotic, precise, deadly.

✦

Anime

JoJo's Bizarre Adventure

Every arc is a completely different attack vector on the same system. JJBA proved that the most bizarre, unexpected approach is usually the winning one. ORA ORA ORA.

⚡︎

Show

Ragnarok (Netflix)

Gods waking up in a dying world. Mythology rendered in modern Norway. The slow burn, the weight of ancient power — hits different when you work in dark corners.

[>/]

Film

The Truman Show

The most accurate depiction of discovering your threat model includes everyone watching. Peak red pill. Peak paranoia. One of the most important films ever made.

♱

Film

The Green Knight

A hero on a quest he doesn't understand, pursuing honour in a game without clear rules. Medieval red team engagement, existential scope creep included.

𓄲

Book

The Metamorphosis — Kafka

Waking up and not recognizing yourself. Cleo gets it. We're all running in someone else's process with no root access to our own identity.

⚔

All-Time Favourite

Expedition 33

My absolute favourite game. The kind that makes you feel things you didn't plan to feel. Everything about it lands perfectly — story, combat, atmosphere. Nothing else compares.

𒉭

Game

Elden Ring

Every boss is a CTF box. Enumerate, fail, adapt, persist. The feedback loop is identical. Elden Ring directly prepared me for Insane-rated boxes.

𐂂

Game

The Witcher 3

Geralt is basically a contractor running security assessments for morally ambiguous clients with shifting scope and unclear deliverables. The world-building is unmatched.

⚙

Game

Armored Core VI

Build your payload, run the op, iterate when you fail. Peak optimization mindset. Each AC build is like tuning a custom exploit — tiny changes, massive outcome shifts.

07 //

find cleo

No face. No name. Just a GitHub, a terminal, and a track record. That's more than enough to start something interesting.

github / cleozi discord / cleozi cleoz.sec@gmail.com

// transmit a message

CALL SIGN

MESSAGE