Penetration Tester · CHECK Team Member

RootSec

Built on curiosity. Driven by compromise.

$ whoami

Jonathan — penetration tester specializing in web application security, phishing campaigns, and internal network testing.

Web AppsPhishingInternal TestingSAP SecurityRed Team

terminal — r00tsec@sh:~#

Recent Writingall posts →

Apr 15, 2026

PhishingGoPhish

PhishCraft: Burning Less, Blending More

Focusing on GoPhish customisation and OPSEC by removing default settings, changing identifiers, refining behaviour, and adjusting how campaigns operate so they blend in better and don't get burned.

Apr 15, 2026

Apr 09, 2026

PhishingGoPhish

PhishCraft: Building a Local GoPhish Lab

Setting up a local on-prem phishing lab in VMware using GoPhish, configuring a simple mail setup, and testing how campaigns and templates work before moving into more advanced infrastructure.

Apr 09, 2026

Sep 30, 2025

SCCMMECM

SCCM Exploitation: Part 3 - Reconnaissance and Enumeration

Recon from unauthenticated and authenticated angles using techniques and tools such as Nmap, RPC/IIS fingerprinting, LDAP/WMI to locate MPs/DPs and exposed package artifacts.

Sep 30, 2025