Penetration Tester · CHECK Team Member

RootSec

Built on curiosity. Driven by compromise.

$ whoami

Jonathan — penetration tester specializing in web application security, phishing campaigns, and internal network testing.

Web AppsPhishingInternal TestingSAP SecurityRed Team

terminal — r00tsec@sh:~#

Recent Writingall posts →

Apr 30, 2026

ICSSCADA

InCTRL: Inside an Industrial Control System

Breaking down what actually makes up an ICS from PLCs and HMIs to the networks beneath them and understanding how they differ from traditional IT environments you are used to.

Apr 30, 2026

Apr 15, 2026

PhishingGoPhish

PhishCraft: Burning Less, Blending More

Focusing on GoPhish customisation and OPSEC by removing default settings, changing identifiers, refining behaviour, and adjusting how campaigns operate so they blend in better and don't get burned.

Apr 15, 2026

Apr 09, 2026

PhishingGoPhish

PhishCraft: Building a Local GoPhish Lab

Setting up a local on-prem phishing lab in VMware using GoPhish, configuring a simple mail setup, and testing how campaigns and templates work before moving into more advanced infrastructure.

Apr 09, 2026