Penetration Tester · CHECK Team Member

RootSec

Built on curiosity. Driven by compromise.

$ whoami

Jonathan — penetration tester specializing in web application security, phishing campaigns, and internal network testing.

Web AppsPhishingInternal TestingSAP SecurityRed Team

terminal — r00tsec@sh:~#

Recent Writingall posts →

Apr 07, 2026

PhishingGoPhish

PhishCraft: Building a Local GoPhish Lab

Setting up a local phishing lab in VMware using GoPhish, configuring a simple mail setup, and testing how campaigns and templates behave in a real Outlook client before moving into more advanced infrastructure.

Apr 07, 2026

Sep 30, 2025

SCCMMECM

SCCM Exploitation: Part 3 - Reconnaissance and Enumeration

Recon from unauthenticated and authenticated angles using techniques and tools such as Nmap, RPC/IIS fingerprinting, LDAP/WMI to locate MPs/DPs and exposed package artifacts.

Sep 30, 2025

Aug 22, 2025

SCCMMECM

SCCM Exploitation: Part 2 – Collections, Deployment, PXE

Exploring SCCM’s collections, variables, task sequences, network access accounts, and PXE boot to understand the in-depth process behind deployment and operating system provisioning.

Aug 22, 2025