$ whoami
th4l3s_s4l4t4
$ about --short
Information Systems student at UTFPR
DevOps Intern at Curitiba City Council
Purple Team practitioner in training: offense-informed defense
$ mission
Emulate attacks, validate detections, and harden systems.I work at the intersection of offensive security, defensive monitoring, and infrastructure automation. My main interests are adversary emulation, detection engineering, web/network security, and security-focused DevOps workflows.
- S.G.A.R.B.I
+ S -> Scan
+ G -> Gain Access
+ A -> Analyze Impact
+ R -> Report Clearly
+ B -> Build Defenses
+ I -> Improve Continuously[+] DevOps Intern.......................... Curitiba City Council
[+] Frontend Scholarship Holder............ UTFPR Portal
[+] Member................................. V.E.S.P.A.S (Cybersecurity Extension + CTF Team)
[+] Training............................... Offensive security and vulnerability research
[+] Ongoing Study.......................... Linux | Networking | Containers | Cloud
- Curitiba City Council: https://github.com/CMCuritiba
- UTFPR Portal: https://www.utfpr.edu.br/
- V.E.S.P.A.S: https://linktr.ee/vespas_utfpr
My work is guided by OWASP standards (including OWASP Top 10), MITRE ATT&CK, and the Cyber Kill Chain to map offensive findings into defensive improvements.
1. Attack Surface Mapping -> enumerate assets, services, and weak points
2. Adversary Simulation -> execute controlled attack paths and TTPs
3. Framework Mapping -> align findings with OWASP Top 10, MITRE ATT&CK, and Cyber Kill Chain stages
4. Detection Validation -> test SIEM/EDR coverage and alert quality
5. Reporting -> deliver impact, evidence, and precise remediation
6. Hardening Loop -> tune detections, improve controls, and retest
Python/Bash -> scripts, recon helpers, and automation
Java/C -> systems fundamentals and low-level reasoning
React/Tailwind -> internal tools and security-friendly interfaces
Wireshark -> packet inspection and traffic analysis
VirtualBox/Vagrant -> isolated pentest labs and reproducible environments
Ansible -> secure configuration and automation
Recon/Enumeration -> Nmap, Gobuster, Nikto, Wfuzz
Web Testing -> Burp Suite, SQLmap
Exploitation -> Metasploit
Password Attacks -> Hydra, John the Ripper, Hashcat
Detection Engineering -> Sigma rules, SIEM correlation, alert tuning
Telemetry Analysis -> Splunk/Elastic dashboards and incident pivoting
Network Detection -> Suricata/Zeek-based visibility and validation
Coverage Mapping -> ATT&CK techniques and Cyber Kill Chain phases
[ operator_status: ONLINE ]
Attack-informed defense. Continuous purple teaming.
+ S
- S.G
+ S.G.A
- S.G.A.R
+ S.G.A.R.B
- S.G.A.R.B.I
+ S.G.A.R.B
- S.G.A.R
+ S.G.A
- S.G
+ S+ Scan Reality - Gain Access to Truth + Analyze the Infinite - Report Clearly… or not + Build Meaning - Improve Continuously + Observe the Glitch - Question Loops + Seek the Infinite - Understand the Glitch + Meditate on the Void - Recursive Consciousness
+ Level 1: Observe yourself- Level 2: Question the code+ Level 3: Who writes the program?- Level 4: Is recursion real, or a dream of loops?+ Level 5: Stack overflow or enlightenment?- Level 6: Every + is a choice, every - a regret+ Level ∞: The glitch is the teacher - Zero-width spaces hide the secrets of the void +
<!-- do you see me? -->