### Ayub Yusuf (he/him) ππΏ
- [LinkedIn π](https://linkedin.com/in/ayubyusuf/)
- [Twitter π¦](https://twitter.com/whitecyberduck)
### Certifications
- GIAC Security Expert (**GSE**)
- GIAC Penetration Tester (**GPEN**)
- GIAC Cloud Threat Detection (**GCTD**)
- GIAC Critical Controls Certification (**GCCC**)
- GIAC Certified Intrusion Analyst (**GCIA**)
- GIAC Certified Incident Handler (**GCIH**)
- GIAC Security Essentials Certification (**GSEC**)
- OffSec Certified Professional (**OSCP**)
### Notable CTF Accomplishments
- Hack Red Con 2023 CTF (**1st place Black Badge**)
- Enterprise Penetration Testing August 2023 CTF (**1st place Challenge Coin**)
- HackSpaceCon 2023 CTF (**2nd place**)
- Way West 2022 CTF (**3rd place**)
- Cloud Security Threat Detection November 2022 CTF (**3rd place Challenge Coin**)
- Deadwood 2022 CTF (**6th place**)
- SANS NetWars Global Preview 2022 (**6th place**)
- BIC @ Thotcon Village 2023 CTF (**7th place**)
- H@cktivityCon 2021 CTF (**9th place**)
### Presentation and Publications
- β[Understanding Cryptography for Offensive Security](https://youtu.be/S8esOtKmFDc),β BHIS Webcast (Jan 2024)
- βHackerβs Guide to Starting Your Security Career,β BSides Atlanta (Oct 2023)
- β[To Cert or Not to Cert](https://www.blackhillsinfosec.com/prompt-zine/prompt-issue-infosec-survival-guide-second-volume/),β Infosec Survival Guide Vol. 2, p.g. 10-11 (Oct 2023)
- [EP 89 Getting My First Job in Cybersecurity with Ayub Yusuf](https://www.yourcyberpath.com/podcast/89/), Your Cyber Path Podcast (Feb 2023)
### Blog Posts
- [My Favorite Web App Pentesting Extension - Firefox Containers](https://www.whitecyberduck.com/My+Favorite+Web+App+Pentesting+Extension+-+Firefox+Containers)
- [Useful Cybersecurity Websites](https://www.whitecyberduck.com/Useful+Cybersecurity+Websites)
- [Windows & Linux Hashing Guide for n00bs](https://www.whitecyberduck.com/Windows+%26+Linux+Hashing+Guide+for+n00bs)
- [Six Things I Wish I Knew for the OSCP](https://www.whitecyberduck.com/Six+Things+I+Wish+I+Knew+for+the+OSCP)
- [Wrong time on Kali Linux 2020.4?](https://whitecyberduck.medium.com/fixing-time-in-kali-linux-2020-4-8a6b7eb1b238)
### Books
- Beyond Snowden: Privacy, Mass Surveillance, and the Struggle to Reform the NSA by Timothy H. Edgar
- The Code Book: The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography by Simon Singh
- Getting Started in Infosec Consulting by Ted Demopoulos
- The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage by Cliff Stoll
- Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon by Kim Zetter
### Courses
- Active Defense & Cyber Deception w/ John Strand
- Advanced Network Threat Hunting w/ Chris Brenton
- Binary Exploitation: An Oral History w/ TsarSec
- Breaching the Cloud w/ Beau Bullock
- CS50 Web Programming with Python and JavaScript w/ Brian Yu [in-progress]
- Cyber Threat Hunting Lvl 1 w/ Chris Brenton
- Effective Information Security Writing w/ Chris Sanders
- External Pentest Playbook by Heath Adams
- INE Azure Pentesting by Slavi Parpulev
- INE Cloud Fundamentals by Tracy Wallace
- INE Penetration Testing Student by Lukasz Mikula
- Intro Malware Reverse Engineering by Randy Pargman & Josh Galloway
- Intro to Offensive Tooling w/ Chris Traynor
- Introduction to PCI w/ Nathan Sweaney
- Linux 101 by Brent Eskridge
- Linux Command-Line Dojo w/ Hal Pomeranz
- Modern WebApp Pentesting w/ BB King
- Next Level OSINT w/ Mishaal Khan
- OSINT Fundamentals by Heath Adams
- OWASP Top 10 w/ Kevin Johnson
- OffSec Penetration Testing with Kali Linux (PWK/PEN-200)
- Offensive Tradecraft: Introduction to Pentesting w/ John Strand
- PowerShell for Pentesters by Joe Helle
- Practical API Hacking w/ Aaron Wilson
- Practical Ethical Hacking by Heath Adams
- Practical Malware Analysis & Triage by Matt Kiely
- Practical Web Application Security & Testing by Michael Taggart
- Practical Windows Forensics by Markus Schober
- Professionally Evil API Testing w/ Jennifer Shannon [in-progress]
- Professionally Evil Application Security w/ Kevin Johnson and Jason Gillam [in-progress]
- Python for Defenders, Pt. 1 w/ Michael Taggart
- Red Team Fundamentals for Active Directory w/ Eric Kuehn
- Responsible Red Teaming w/ Matt Kiely
- SANS SEC401 Security Essentials Network, Endpoint, and Cloud w/ Bryan Simon
- SANS SEC503 Intrusion Detection In-Depth w/ David Hoelzer
- SANS SEC504 Hacker Tools, Techniques, and Incident Handling w/ Joshua Wright
- SANS SEC541 Cloud Security Attacker Techniques, Monitoring, and Threat Detection w/ Shaun McCullough & Ryan Nicholson
- SANS SEC560 Enterprise Penetration Testing w/ Jeff McJunkin & Tim Medin
- SANS SEC566 Implementing and Auditing Security Frameworks and Controls w/ James Tarala
- SOC Core Skills w/ John Strand
- Securing the Cloud: Foundations w/ Andrew Krug
- Security Leadership and Management w/ Chris Brenton
- Security with BHIS and MITRE ATT&CK w/ John Strand
- Splunk Fundamentals 1
- Story-Telling Workshop: How To Tell Stories that Get Peopleβs Attention w/ Ed Skoudis
- Treehouse Beginner Python
- The Bug Hunter's Methodology w/ Jason Haddix
- VMware Carbon Black Cloud Fundamentals
- Windows & Linux Privilege Escalation for Beginners w/ Heath Adams
- Windows & Linux Privilege Escalation for OSCP & Beyond! w/ Tib3rius