// rootdrifter — security practitioner

Root//Drifter

Hardened systems · offensive methodology · detection engineering

● Cleared ● Active ● Available
View portfolio → Read the blog ↓
// platform status Rootdrifter.io is in pre-launch. Content is being prepared and reviewed. Subscribe below to receive immediate access when transmissions go live.

About

rootdrifter is the working handle of a security-cleared professional building toward cleared entry-level roles in the UK, Netherlands, and Germany. The clearance is held now — not pending a conditional offer — which is stated here as a plain fact rather than a pitch: it means deployment to cleared work without the months-long vetting wait most graduates carry.

The approach is to build and to break with the same discipline, and to document both to a standard a reviewer can audit. That has produced a hardened Linux workstation and a compartmentalised mobile platform, a grey-box penetration test mapped to recognised benchmarks, and dissertation-level research into whether language models can reason causally about social engineering rather than just pattern-match it. Current focus: CompTIA Security+, active CTF practice, and a Wazuh SIEM home lab for hands-on detection engineering.

Academic background: a First Class BSc in Computer Networks & Cyber Security from [UNIVERSITY]. Named CV available on request — this site stays pseudonymous by design. ([YOUR NAME] on a formal application.)

Portfolio

ironveil · defensive

Hardened Fedora workstation — LUKS2 full-disk encryption unlocked by a FIDO2 hardware key, remote pre-boot SSH unlock, and all DNS filtered before it leaves the host.

3-keyslot LUKS2 · Nitrokey 3A NFC · WireGuard egress spectre · offensive

Grey-box pentest of an Apache 2.4.58 host from a CIS-L1 PostgreSQL server — PTES, findings mapped to CWE / CIS / ISO 27002, SHA-256 evidence chain.

7 findings · primary CWE-548 · SHA-256 chain mirage · research

Causal LLM evaluation over an 88,647-email phishing corpus — can frontier models reason about social engineering, or only pattern-match it?

88,647 emails · ICC 0.98 · GPT-4 94.2% DAG

Full portfolio →  rootdrifter.github.io

Latest writing

12 Jun 2026 News
Coming soon

This is rootdrifter, a brand new site by rootdrifter that's just getting started. Things will be up and running here shortly, but you can subscribe in the m

Read →
11 Jun 2026 4 min read pentest-methodology INCOMING
nmap: Beyond the Basics

Everyone runs nmap. Fewer people read it properly. A practical tour of scan types, NSE, output, timing, and evasion.

Read →
11 Jun 2026 pentest-methodology INCOMING
Building a Repeatable Enumeration Framework

Enumeration is where engagements are won or lost. The fix is not a better tool — it is a process you run identically every time.

Read →

All posts →

12 transmissions in preparation · Subscribe for early access

Active work

In progress CompTIA Sec+ SY0-701
In progress Wazuh SIEM home lab — detection engineering
Active CTF practice — TryHackMe / HackTheBox
Launching rootdrifter.io — content platform, pre-launch phase
Available Cleared entry-level roles — UK / NL / DE

Contact

// available for cleared work

[email protected]  ·  github.com/rootdrifter

Open to cleared security roles in the UK, Netherlands, and Germany. CV available on request.