Projects

...
Home Server Lab Infrastructure
Home Lab Infrastructure

OverviewThis project documents the home-server infrastructure behind my offensive-security labs. The setup is built around bare-metal lab hardware and isolated networks so I can run Active Directory environments, WiFi/security labs, payload-testing systems, monitoring, snapshots, and repeatable training scenarios safely.What It SupportsBare-metal virtualization for realistic lab performance.Separate lab networks for AD,...

...
WiFi Hacking Labs
Wireless Security Lab

OverviewMy WiFi hacking labs are focused on practical wireless security testing with WiFiChallenge Lab, a virtual Wi-Fi penetration testing environment that runs without physical adapters. The lab supports hands-on practice around wireless reconnaissance, packet capture workflows, authentication weaknesses, configuration hardening, and reporting.Focus AreasWiFiChallenge Lab scenarios for OPN, WEP, WPA2-PSK, WPA3-SAE,...

...
Payload Obfuscation Lab
Evasion Research

OverviewThis lab focuses on payload obfuscation and detection behavior in a controlled Windows 11 environment. The purpose is not to publish bypass recipes, but to understand how modern endpoint protection reacts to common offensive techniques and how defenders can validate their controls.Focus AreasStatic and behavioral detection differences.Payload transformation and obfuscation...

...
GOAT AD Hacking Lab
Active Directory Lab

OverviewGOAT is my self-hosted Active Directory hacking lab built with Ludus on a bare-metal server. The goal was to create a repeatable enterprise-style environment for practicing enumeration, privilege escalation, lateral movement, domain compromise paths, and reporting workflows without touching real production systems.What I BuiltBare-metal virtualization host for stable lab performance.Ludus-based...

...
AI Red Teamer Job Role Path
Learning Path

I completed the Hack The Box AI Red Teamer path and earned the AI ninja badge. The path covered practical AI security concepts, including prompt injection, adversarial AI, AI privacy, model evasion, LLM output risks, and defensive thinking around modern AI systems.Focus areas: AI attack surfaces, LLM abuse cases, prompt...

...
Hack The Box: Grandmaster
Achievement

I reached Hack The Box Grandmaster rank on the ADonisRian #DE profile. This milestone reflects long-term hands-on progress across Hack The Box machines, labs, Academy content, challenges, and practical offensive security training. Profile: Level 91, Grandmaster rank.

...
OffSec Experienced Penetration Tester (OSEP)
Certification

The OffSec Experienced Penetration Tester (OSEP) was a focused three-month advanced exploitation project. It strengthened my ability to chain attacks in mature environments, work through evasive tradecraft, perform client-side attacks, tunnel and pivot through networks, and document complex attack paths clearly.Focus areas: Windows exploitation, AV and application-control bypass concepts, client-side...

...
Hack The Box Pro Labs: Zephyr
Hack The Box Pro Lab

Hack The Box Pro Labs: Zephyr was a one-month enterprise lab focused on realistic Active Directory compromise. The lab strengthened my skills in enumeration, relay attacks, pivoting, web application weaknesses, privilege escalation, and moving across trust boundaries.Focus areas: AD enumeration, exploitation chains, pivoting, relay attacks, lateral movement, and enterprise-style attack...

...
Certified Active Directory Pentesting Expert V2 (C-ADPENX)
Certification

The Certified Active Directory Pentesting Expert V2 (C-ADPENX) was an intensive Active Directory exam from The SecOps Group. I completed it in May 2025 after focused preparation on enterprise attack paths, privilege escalation, lateral movement, and domain compromise techniques.Certificate ID: 10072980. Exam version: 2.01.

...
Certified Red Team Operator (CRTO)

I am proud to announce that I successfully passed the Certified Red Team Operator (CRTO) exam on 4th of December, 2024. This certification is a testament to my expertise in attacking and exploiting Windows enterprise environments, focusing on advanced red teaming techniques and the use of industry-standard tools like Cobalt...

...
Mythic C2 Framework

  Currently, I am working on a project related to learning and applying the concepts of Command and Control frameworks, particularly Mythic, in executing pentesting and red team engagements. Mythic is an open-source C2 framework developed to mimic adversary activity. It's a way for the offensive security team to have...

...
Dante Certificate (HTB)

I am proud to have completed the Dante HTB Pro Labs certification, an advanced and immersive experience designed to simulate real-world penetration testing in a fully realistic, enterprise-level environment. During this journey, I refined my skills in network enumeration, privilege escalation, lateral movement, and Active Directory exploitation. The Dante lab's...

...
OffSec Wireless Professional (OSWP)

I am proud to have earned my Offensive Security Wireless Professional (OSWP) certification. This experience provided me with a deep understanding of wireless network security and hands-on expertise in attacking and defending WiFi networks. Throughout the process, I mastered techniques such as packet capture, wireless encryption cracking, and bypassing security...

...
OffSec Certified Professional (OSCP)

I am proud to have successfully earned my Offensive Security Certified Professional (OSCP) certification. It was an incredibly challenging yet rewarding experience that significantly enhanced my practical skills in penetration testing. Throughout the process, I gained hands-on expertise in areas such as network enumeration, vulnerability analysis, exploit development, and privilege...

...
Youtube Channel

I run my own YouTube channel where I demonstrate ethical hacking techniques in German, catering to a niche audience as there are very few German-language hacking tutorials available. On my channel, I showcase how to hack retired machines on platforms like Hack The Box and others, walking through each step...

...
HTB Certified Active Directory Pentesting Expert (HTB CAPE)
Certification

The HTB Certified Active Directory Pentesting Expert (HTB CAPE) was a long-term Active Directory certification project. I spent roughly one year building depth in Windows tradecraft, AD exploitation, lateral movement, privilege escalation, evasion-aware methodology, and reporting before passing the exam on 26 January 2026.Focus areas: Active Directory attack paths, Kerberos,...

...
HoneyPot

I'm currently using a powerful honeypot called Tpot, provided by Telecom, to expose the constant barrage of hackers attempting to infiltrate servers from all corners of the globe. A honeypot is essentially a trap I've set up to attract these malicious individuals and observe their tactics in action. By live-streaming...

...
ZIP domains

Zip domains are not inherently a problem. However, if you are referring to "zip" as a term used to describe certain types of domains, such as those ending with ".zip" or containing the word "zip," there are a few reasons why they can be problematic: Malicious Content: Files with the...

...
Rian Friedt Security Blog
Security Blog

My personal security blog for writeups, certification notes, Active Directory lessons, red-team operations, endpoint-security thoughts, and practical learning notes. Visit the blog

...
Certified Penetration Testing Specialist (HTB CPTS)
Certification

The HTB Certified Penetration Testing Specialist (HTB CPTS) was a two-year practical learning path around end-to-end penetration testing methodology. It covered enumeration, exploitation, web attacks, privilege escalation, pivoting, Active Directory, and professional reporting before I passed the exam on 28 September 2025.Focus areas: structured enumeration, web application attacks, Linux and...

...
Hacking Lab (VM)
Hacking Lab

My secure network sandbox for practicing hacking skills and learning in a safe virtual machine environment is a custom-built lab designed to simulate real-world penetration testing scenarios. The lab includes an Active Directory (AD) environment along with intentionally vulnerable Windows and Linux machines, providing a comprehensive platform for honing offensive...

...
Certified Red Team Professional (CRTP)
Certification

I am proud to announce that I successfully passed the **Certified Red Team Professional (CRTP)** exam on **October 18, 2024**. This certification is a testament to my expertise in attacking and exploiting Active Directory environments, focusing on advanced red teaming techniques, including privilege escalation, lateral movement, and bypassing security controls....