Martin Tsenkov

Red Teamer • SysAdmin

About Me

I'm from one of Bulgaria’s major cities and hold a degree in Cybersecurity from the Bulgarian Naval Academy. I’m currently pursuing a master’s degree in Cybersecurity too. I work as a system administrator, dealing with real infrastructure, servers, networks, access control, service reliability and troubleshooting. I have a solid background in electronics – from microchips and SMD components to real-world circuit analysis. I’m drawn to challenges most people avoid – the harder it gets, the more focused I become. Life taught me that nothing is truly impossible — you just need to find the right angle, the hidden door, the weakness in the system. I believe every problem has a workaround. You just have to look harder, try again, and press the right spot. Offensive security fascinates me because it's full of backdoors — both in code and in mindset. Outside the lab, I lift heavy and read books about Bulgarian history.

Interests

  • Red teaming & offensive operations
  • Industrial control systems (ICS/SCADA) security
  • Real-world CVEs, AD privilege escalation, and post-exploitation techniques
  • Applied cryptography & protocol analysis
  • Network-based attacks — wired & wireless
  • Active Directory offense (Kerberos/NTLM abuse, ticket attacks, Kerberoasting)
  • Building and sharing cybersecurity content — YouTube videos, labs, tutorials
  • Physical security
  • Certifications in progress / goal: OSCP, OSEP, CRTO, PNPT, CRTE
  • Bulgarian history & national identity
  • Heavy lifting

Projects

  • I’ve built reproducible pentest labs using platforms such as VulnHub, Hack The Box, Metasploitable, OWASP Juice Shop, DVWA, Oracle VirtualBox and GNS3.
  • ESP32 alarm system
    Full-featured ESP32 alarm system with Telegram integration. This is not just an IoT prototype — it’s a practical example of secure embedded system design: persistent state across reboots, failover logic, watchdog concepts, and a separately powered relay/siren circuit. Built from scratch, the project combines hardware, firmware and cybersecurity practices. Pride: a complete end-to-end system that few people build — hardware, software and secure operation all in one.
  • Physical Security Floor Planner
    Built a lightweight desktop application for physical security planning and site assessment workflows. The tool helps create simple 2D floor layouts, place doors and windows, mark cameras, alarm sensors, IT assets, cable paths and notes, then save everything as a portable project file. It is packaged as a real Windows desktop app using Tauri, with .psfp project files, PNG export, autosave recovery and an installable release. Pride: turning a practical physical pentest workflow into a real desktop tool — not just another script or lab demo.
    Download / View on GitHub

Skills & Familiarity

Infrastructure, Systems & Security

  • Infrastructure & Systems Administration: server configuration, service deployment, access control, certificates, troubleshooting and operational reliability.
  • Network Administration & Firewall Security: configurations, firewall rules, routing, NAT, VLAN, VPN connectivity, wireless networking and secure network access.
  • Infrastructure Security: server hardening, firewall policy, authentication controls, exposed service review and attack surface reduction.
  • Incident Response & Troubleshooting: investigation of server, network and service issues through logs, diagnostics, root-cause analysis and recovery actions.
  • Docker & Containerized Services: deployment and maintenance of Docker-based services, Compose stacks, networking, volumes, environment configuration and logs.
  • Identity, Data & Secure APIs: hands-on work with Keycloak, role-based access control, PostgreSQL-backed systems, auditability, protected APIs and secure backend integration.
  • Monitoring, Logging & Resilience: service logs, Docker logs, system status checks, Wazuh/SIEM foundations, centralized log visibility and recovery-oriented troubleshooting.
  • Operational Ownership & System Design: responsibility for real infrastructure and internal services, with attention to reliability, access control, auditability and maintainability.

Offensive security

  • Wired and wireless network attacks: ARP spoofing / poisoning, VLAN hopping, MAC flooding / spoofing, rogue DHCP, Evil Twin / Rogue AP, deauthentication attacks and WPA/WPA2 handshake capture.
  • Web application security: familiar with common attack classes such as XSS, SQL injection, session hijacking, JWT validation issues and insecure direct object references.
  • Active Directory attack concepts: familiar with Kerberos/NTLM abuse techniques such as Kerberoasting and ticket-based attack scenarios.
  • Security tooling: practical familiarity with tools such as Nmap, Wireshark, Burp Suite, Metasploit, Nikto, SQLMap, Hydra, John the Ripper, Aircrack-ng and related utilities.
  • Physical Security Audits: assessment of physical access risks, operational exposure points and practical security controls.
  • Reconnaissance & Attack Surface Mapping: service discovery, port scanning, web enumeration, fingerprinting and identification of exposed services.
  • Vulnerability Assessment & Misconfiguration Review: identifying weak access controls, insecure configurations, exposed panels, risky services and practical remediation paths.
  • API Security Testing: testing authentication, authorization, role-based access, insecure object access and backend-enforced security boundaries.

Contact


Reach out via email or @azsumbeee. Also on GitHub and LinkedIn.