whoami --verbose

H4KL0RD

Ethical Hacker  |  Active Directory Specialist

I break into networks — legally. Specialised in Active Directory attack paths, Kerberos abuse, and enterprise red team operations. I find the cracks in your kingdom before the adversary does.

Active Directory Red Team Kerberoasting BloodHound CRTO Mimikatz Impacket Pass-the-Hash
./view-work ping me
H4KL0RD logo — cyberpunk hooded hacker emblem
// personal.bio

Nicolas Mateo Casanova

From Chile Spain to the world!

My path to offensive security wasn't a straight line: I studied business in the UK, worked in a bank in Barcelona, and even ran a restaurant in the fjords of Norway. None of it fully clicked. Something was always missing.

That “something” was the same spark I had since I was a kid: the obsession with understanding how systems break, how people think, and how attackers exploit both. That spark eventually won.

I moved into fraud investigation in Bournemouth, trained in ethical hacking and red‑team operations, and built the career I always wanted — helping organisations defend themselves by thinking like the adversary.

Today, I’m a pentester with a global background, a hacker’s mindset, and a very simple mission: find the weaknesses before someone else does.

✎ click to edit — your story, your words
// .bash_history loaded — 6 entries found
$ cat .bash_history | grep --projects

.bash_history;

🏰
// AD Lab

KingdomFall — Full AD Compromise Chain

End-to-end Active Directory lab simulating a real enterprise environment. Covers initial foothold, lateral movement, Kerberoasting, DCSync, and full domain takeover.

BloodHound Impacket Mimikatz
[view]
🔑
// Tool

KerbSlayer — Kerberoast Automation

Custom Python tool that automates SPN enumeration, ticket extraction, and offline cracking pipeline. Integrates with CrackMapExec for seamless red team workflows.

Python CrackMapExec Hashcat
[view]
🩸
// Research

BloodHound Custom Queries Pack

A curated library of 40+ custom Cypher queries for BloodHound, targeting high-value attack paths often missed by default queries. Published on GitHub with 500+ stars.

BloodHound Neo4j Cypher
[view]
🛡️
// CTF / HTB

HackTheBox — Pro Hacker Rank

Achieved Pro Hacker rank on HackTheBox with 30+ machines rooted, specialising in Windows/AD-focused boxes. Write-ups published for retired machines.

HTB Windows AD
[view]
📡
// Pentest

RedForest — Tiered AD Hardening Audit

Comprehensive AD security audit for a 2,000-user enterprise. Identified 14 critical misconfigurations including unconstrained delegation and ACL abuse paths.

PingCastle BloodHound PowerView
[view]
⚔️
// Red Team

ShadowRealm — C2 Infrastructure Setup

Designed and deployed a covert C2 infrastructure using Cobalt Strike with domain fronting, malleable profiles, and redirectors to evade EDR and network monitoring.

Cobalt Strike Nginx OPSEC
[view]
$ h4kl0rd --list-skills --verbose

--skills[]

Certifications
// click to view file
  • CompTIA Security+
    CompTIA Security+ Certificate
  • CompTIA CySA+
    CompTIA CySA+ Certificate
  • CompTIA CSAP
    CASP+ Certificate
  • AZ-900
    Windows Azure AZ-900 Certificate
  • PJPT - TCM
    PJPT Practical Junior Penetration Tester Certificate
  • eJPT - INE
    eJPT Junior Penetration Tester Certificate
  • CRTO — ZeroPoint Security
    CRTO Certified Red Team Operator Certificate
  • CAPE — HackTheBox
    CAPE Certified Active Directory Penetration Expert Certificate
  • Sliver C2 — HackSmarter
    Sliver C2 Pentesting and Evasion Certificate
Active Directory
Kerberos Attacks
ACL Abuse
DCSync / DCSHADOW
Delegation Abuse
Red Team Ops
C2 Frameworks
Lateral Movement
Phishing / Initial Access
OPSEC
Pivoting
Tooling
  • BloodHound / SharpHound
  • Impacket Suite
  • Mimikatz / Rubeus
  • CrackMapExec / NetExec
  • Cobalt Strike / Sliver / Havoc
  • PowerView / PowerSploit
Languages
Human and Machine languages
Spain
United Kingdom
Catalonia
Python
PowerShell
Bash
C# / .NET
Platforms
  • HackTheBox — Pro Hacker
  • PentesterLab
  • GOAD (Game of AD)
  • VulnAD / DetectionLab
$ ping th3h4kl0rd && curl --contact

ping & curl

H4KL0RD@kali:~$ ping -c 3 h4kl0rd.og
PING h4kl0rd.og: 56 data bytes
64 bytes from h4kl0rd.og: icmp_seq=0 ttl=64 time=1.337 ms
64 bytes from h4kl0rd.og: icmp_seq=0 ttl=64 time=1.246 ms
64 bytes from h4kl0rd.og: icmp_seq=0 ttl=64 time=1.124 ms
 
H4KL0RD@kali:~$ curl -X POST /contact --data "msg=hire_me" (please)
HTTP/1.1 200 OK
{"status":"available","response_time":"<24h"}
 
H4KL0RD@kali:~$
📧
📍
// location
Undisclosed — Planet Earth
🟢
// status
Available for engagements

// social & platforms