Nicholas AbrahamOffensive Security

Nicholas Abraham

Offensive Security Practitioner · Sydney, Australia

Penetration tester focused on web security, Active Directory, vulnerability research, and practical offensive security.

Certifications

Offensive security certifications alongside cloud credentials.

OffSec Certified Professional certification badge

OffSec Certified Professional

Practical penetration testing certification focused on hands-on exploitation.

OffSec Wireless Professional certification badge

OffSec Wireless Professional

Wireless network security and penetration testing certification.

OffSec Threat Hunter certification badge

OffSec Threat Hunter

Threat hunting and detection-focused offensive security certification.

Practical Network Penetration Tester certification badge

Practical Network Penetration Tester

Network and Active Directory penetration testing certification.

AWS Certified Cloud Practitioner certification badge

AWS Certified Cloud Practitioner

Foundational AWS cloud concepts and services.

AWS Certified AI Practitioner certification badge

AWS Certified AI Practitioner

Foundational AWS AI and machine learning concepts.

About

I started with a curiosity for how systems work, then became more interested in how they fail. That led me toward offensive security, where I spend most of my time testing assumptions, breaking things, and learning from what goes wrong. I enjoy the mix of technical depth and practical problem-solving, whether that means exploring an attack path, building a lab, or automating repetitive work. I care less about collecting tools and more about understanding why an approach works, where it fails, and how to improve it.

Methodology over tools.

Projects

Hands-on home lab projects in Active Directory attack simulation and SIEM detection engineering.

Active Directory / Home Lab

Active Directory Attack Lab

A hands-on Active Directory lab simulating enterprise authentication infrastructure and offensive attack paths from initial compromise through lateral movement.

  • Built Active Directory lab environment with domain controller and client systems to simulate enterprise authentication infrastructure
  • Simulated initial compromise techniques including LLMNR poisoning and SMB relay attacks to obtain credential access
  • Performed post-compromise enumeration using tools such as BloodHound to identify privilege escalation and domain attack paths
  • Executed credential abuse techniques including Kerberoasting, AS-REP roasting, and credential replay attacks to simulate lateral movement
  • Used Python and PowerShell to automate repetitive enumeration, payload preparation, data processing, and security testing tasks within lab environments

Active Directory · Windows Server · BloodHound · Python · PowerShell

Detection Engineering / Home Lab

Splunk SIEM Detection Lab

A centralized SIEM environment using Splunk Enterprise to ingest Windows security telemetry and develop detection queries for suspicious authentication and process activity.

  • Built centralized SIEM environment using Splunk Enterprise on Ubuntu Server, ingesting security logs from Active Directory domain controller and workstation endpoints
  • Configured Splunk Universal Forwarder, Sysmon, and PowerShell Script Block Logging to collect security telemetry including process execution and authentication activity
  • Developed Splunk detection queries and alert rules to identify suspicious authentication behaviour and abnormal process activity from Windows security logs and Sysmon events

Splunk Enterprise · Ubuntu Server · Sysmon · Windows Event Logs · PowerShell Script Block Logging

Contact

nicholasabraham01@gmail.com