Arnold Mavhezha
Offensive Security Engineer with 4+ years across SOC operations, penetration testing, and cloud security engineering. I started as a developer. That foundation means I trace vulnerabilities to their source in the code, not just fire tools at a target, and it's why I can turn a technical finding into a remediation a non-technical stakeholder will actually act on. Hands-on across the full attack surface: Active Directory environments compromised via BloodHound, Kerberoasting, DCSync, and delegation abuse. Live CVEs exploited on network services. Cobalt Strike C2 beacons identified in memory dumps. Full intrusion timelines reconstructed from raw disk artifacts. 14 HackTheBox machines rooted. All documented.
- Compromised Windows domain controllers via BloodHound path analysis, WriteDACL abuse, Kerberoasting, and DCSync across 8 AD environments
- Led penetration testing and vulnerability assessment engagements using Nessus and Nmap, driving a 45% reduction in critical CVEs within 30-day remediation cycles
- Identified live Cobalt Strike C2 beacons in memory dumps, extracted credentials from RAM, reconstructed full intrusion timelines from disk artifacts