Arnold Mavhezha
Offensive Security Engineer focused on identifying, exploiting, and reporting real-world vulnerabilities before attackers do. My background in development means I understand how vulnerabilities are introduced at the code level. My offensive focus means I know exactly how to exploit them from an attacker's perspective. I've bypassed authentication via SQL injection, identified live Cobalt Strike beacons in memory dumps, reconstructed full attack timelines from raw disk artifacts, and neutralized 50+ security incidents. Currently preparing for OSCP and actively building offensive security tools and exploit-driven projects.
- Bypassed authentication via SQL injection, extracted the admin JWT, and hijacked the full session
- Exploited IDOR to enumerate all user basket data with zero ownership validation
- Bypassed client-side file upload restrictions to upload arbitrary files server-side