Penetration Tester · CHECK Team Member

RootSec

Built on curiosity. Driven by compromise.

$ whoami

Jonathan — penetration tester specializing in web application security, phishing campaigns, and internal network testing.

Web AppsPhishingInternal TestingSAP SecurityRed Team

terminal — r00tsec@sh:~#

Recent Writingall posts →

Apr 13, 2026

PhishingGoPhish

PhishCraft: From Local to Live Infrastructure

Moving the lab into real infrastructure with a VPS, domain configuration, SMTP relaying, and hardening GoPhish to remove fingerprints while introducing a reverse proxy and basic OPSEC.

Apr 13, 2026

Apr 09, 2026

PhishingGoPhish

PhishCraft: Building a Local GoPhish Lab

Setting up a local on-prem phishing lab in VMware using GoPhish, configuring a simple mail setup, and testing how campaigns and templates work before moving into more advanced infrastructure.

Apr 09, 2026

Sep 30, 2025

SCCMMECM

SCCM Exploitation: Part 3 - Reconnaissance and Enumeration

Recon from unauthenticated and authenticated angles using techniques and tools such as Nmap, RPC/IIS fingerprinting, LDAP/WMI to locate MPs/DPs and exposed package artifacts.

Sep 30, 2025