Operator profile

Security engineer based in College Park, MD. I studied cybersecurity at the University of Maryland (M.Eng., 2025) after completing my CS undergrad at GITAM in India.

Between school and work, I’ve been building offensive security tools, responding to real incidents, and hardening cloud infrastructure. At SportsExcitement I run pentests, manage WAF and firewall rules, and handled a live cryptojacking incident from detection through eviction. Before that, I taught DFIR labs at UMD and built SIEM correlation rules at Phoenix Global.

My approach: map the attack surface manually first, then run tools. The interesting vulnerabilities, the ones that chain into actual compromise, live in the gaps between what scanners check.

Goutham Pamarthy

Credentials

Certifications

Offensive Security Experienced Penetration Tester (OSEP)

48-hour proctored attack lab. Focused on Evasion and Advanced Penetration Testing.

Certified Red Team Expert (CRTE)

Advanced Active Directory exploitation and lateral movement in a multi-forest environment.

AWS Security Specialty

Cloud IR, infrastructure protection, and IAM security architecture.

CompTIA Security+

Security foundations and core principles.

CCNA

Routing, switching, and network infrastructure.

(ISC)² CC

Cybersecurity governance and risk management.


Background

Education

M.Eng. in Cybersecurity

University of Maryland, College Park - May 2025

B.Tech. in Computer Science

GITAM, India - Apr 2023


Capabilities

Technical Skills

Offensive Security

Penetration testing, AV and EDR evasion, Active Directory exploitation (Kerberoasting, AS-REP roasting, DCSync, Golden/Silver Ticket, RBCD, ADCS ESC1-8, Shadow Credentials), payload development, process injection (hollowing, early bird), AMSI/CLM/AppLocker bypass, direct and indirect syscalls, D/Invoke, LOLBin abuse, PPID spoofing. Tooling: Cobalt Strike, Sliver, Havoc, Burp Suite, Metasploit, BloodHound/SharpHound, Neo4j, Impacket, Mimikatz, Rubeus, Certipy, PowerView, Evil-WinRM, CrackMapExec, Responder, Nmap, Nessus, Donut, ScareCrow, ffuf, SQLMap, Nuclei, Ligolo-ng, Chisel, proxychains.

Cloud and Infrastructure

AWS (IAM, S3, EC2, Lambda, GuardDuty, CloudTrail, Security Hub, Config, Organizations, SCPs, VPC Flow Logs), Azure RBAC, Cloudflare (WAF, Access, DDoS mitigation), IONOS Cloud, Pacu, Prowler, ScoutSuite, enumerate-iam, Terraform, KMS, iptables, NAT Gateway, Docker, CloudFormation, Boto3.

Detection and Response

Splunk, ELK, SIEM correlation rule authoring, Sigma and YARA rules, threat hunting, memory forensics, incident response, vulnerability assessment. Tooling: Sysmon, Volatility, KAPE, Chainsaw, Hayabusa, Eric Zimmerman tools, FTK Imager, Wireshark, CyberChef, CloudWatch.

Languages and Frameworks

Python, Bash, PowerShell, JavaScript, Ruby, C#/.NET, VBA, YAML, SQL, Git, Docker. Frameworks and compliance: MITRE ATT&CK, PTES, OWASP Top 10, OWASP Top 10 for LLMs, NIST 800-53, PCI-DSS, HIPAA, GDPR, CMMC, secure SDLC.