SyedSaqlain.

I build the attackers, so defenders get to practice.

Attack Automation Engineer · IBM Randori HOC · Dublin
02-about

Seven years inside offensive security - most days at IBM's Randori HOC, writing the Python that simulates real-world adversaries at enterprise scale.

I came up the long way: secure databases at Kore, then 150+ pentests at ML Labs, then a 1:1 MSc at NCI, and now I get to build the tools instead of just running them.

Currently
  • BuildingRandori adversary modules
  • ReadingPractical Binary Analysis
  • ListeningDarknet Diaries
  • TinkeringCustom nuclei templates
7+ yrs 150+ pentests MSc 1:1 · NCI CCEP · CEH · CPT
Attack AutomationAdversary SimulationPenetration TestingDevSecOpsThreat IntelAttack AutomationAdversary SimulationPenetration TestingDevSecOpsThreat IntelAttack AutomationAdversary SimulationPenetration TestingDevSecOpsThreat Intel
03 - selected

Three projects I'd show my mom if she asked.

All case studies
2024 - Presentwhat I'm on right now
IBM Randori - Attack Automation Platform
IBM Software · Dublin

Building Python automation that simulates real adversary TTPs across IBM Randori's Recon and Attack platforms, integrated with IBM X-Force threat intelligence.

PythonNucleiKubernetesDockerX-ForceMITRE ATT&CK
Read full case study →
022023 - 2024
ML Labs - Penetration Testing Practice
ML Labs · Dublin
Penetration TestingBurp SuiteMetasploit
032024
Security of EV Charging Systems
MSc Capstone · National College of Ireland
ResearchOCPPIoT
042020 - 2022
Security Automation Programme
Kore Digital · Karachi
PythonPowerShellAutomation
04-philosophy
“Scanners catch maybe twenty percent of what matters. The rest needs a human who's read the RFC, patched a container breakout, or traced TCP flags at 2am. I do both.
- SS, written somewhere over the Irish Sea, 2025
04 - a thing I made

Attack paths, visualised.

I built this little visualiser one weekend because I got tired of static MITRE diagrams. Three real-world attack chains. Hover a node.

SIM · TA0001 → TA0008 → TA0010
ReconInitial accessPriv escalationLateralPersistenceObjective
live · 0%
Hover a node to inspect techniqueSee full case studies
05-postcard

If you're curious what I'm on this week - what I'm reading, the open threads in my notebook, the small experiments running on the side - there's a /now page for that. Updated more often than the rest of the site.