Mike Vedete

Hacker | Cybersecurity Professional

About Me

Mike Vedete

A cybersecurity professional who enjoys breaking things, taking them apart, and understanding how they work—sometimes more successfully than others. I currently work on the offensive side of things as an internal penetration tester. I have extensive experience leading a Security Operations Center (SOC), performing incident response, and leading collaborative purple team assessments: both as a blue teamer building detections and fine-tuning alerts, and performing complex attacks against Active Directory and Azure environments. I write malware sometimes and analyze it on occasion. I'm not great at either but I learn best by doing. I build tools when existing ones don't scratch the itch quite right, and I'll be sharing some of those projects here soon. This site is where I blog about my learning journey and showcase tools I've built to deepen my understanding of security concepts. If I can't explain it or build it, I don't really understand it.

[email protected] ~ $ █

Recent Blog Posts

htb-admin v1.0.0: Five Months of Constant Small Fixes

April 13, 2026

I built a CLI tool for Hack The Box automation in November 2025 and have been finding and patching small issues ever since. Today it finally hits v1.0.0.

htb open-source python tooling cybersecurity

Extra-SID Attack via the Inter-Realm Trust Key: Skipping the Golden Ticket

March 15, 2026

The well-documented Extra-SID attack uses the child krbtgt hash and routes through the child KDC. There's a second path that bypasses the child KDC entirely, using the inter-realm trust account hash to forge the referral ticket directly.

active-directory kerberos red-team windows privilege-escalation

Why Joining an HTB Team Changed Everything

February 17, 2026

How joining a Hack The Box team turned occasional box solving into consistent competition, first blood, and a spot at the top of the leaderboards

htb cybersecurity learning personal penetration-testing

View all posts →

What I Actually Do

Break Into Things

▹ Internal penetration testing
▹ Active Directory & Azure attacks
▹ Web app exploitation
▹ Linux & Windows privilege escalation

Research & Analyze

▹ CVE analysis & POC development
▹ Threat intelligence & APT tracking
▹ Malware development & analysis
▹ Cryptography & PKI internals

Build Tools

▹ Python CLI tools for offensive workflows
▹ Impacket-based Windows tooling
▹ Exploit development & customization
▹ PowerShell & Bash scripting

Defend & Detect

▹ SOC leadership & incident response
▹ Detection engineering & SIEM tuning
▹ Purple team assessments
▹ Production security & config management

Explore

Read My Blog View Projects Get In Touch