About me
Victor Åhgren
I break things so you can fix them before the bad guys even know they’re break-able.
I’m Victor Åhgren—offensive-security consultant, builder-turned-breaker (and back again when it counts). My story starts at age 9, hijacking the Adobe Suite to create digital art; a few years later I was sculpting polygons in 3-D modelling tools. That early tinkering mutated into a full-blown obsession with how complex systems tick—and how to make them tick differently.
After several years of engineering studies (the maths still make me grin), I found my true arena: cyber security. Today I spend most of my waking hours stress-testing other people’s infrastructure—penetration testing, red-teaming, exploit development—while keeping one foot squarely in the blue side to ensure the fixes are as elegant as the hacks.
What I bring to the table
Attacker’s mindset, defender’s discipline. I model threats like a malicious actor, then design counter-measures like a seasoned SRE.
Polyglot engineering chops. Golang, Rust, Python, bash dark-arts—whatever solves the puzzle fastest.
Evidence-driven pragmatism. No snake oil, no hand-waving—just reproducible results and well-documented findings.
Relentless curiosity. If it’s undocumented, I’ll map it. If it’s “unbreakable”, I’ll prove otherwise (politely).
When I’m not rooting boxes, you’ll find me hunting bug bounties, mentoring newcomers, or neck-deep in obscure math papers for fun. Got a system that must withstand real-world adversaries? Let’s poke holes in it—then weld it shut.
Secure the chaos. Own the unknown. That’s the mission.
Skills
I speak fluent Kali—every tool in that distro from Nmap and Burp to BloodHound and CrackMapExec is muscle memory. My day-to-day kit expands into a constellation of open-source weapons: Ghidra, IDA, Binary Ninja, radare2 and Volatility for tearing malware apart; AFL++, libFuzzer and custom Go/Rust fuzzers for shaking bugs out of binaries; Subfinder, Amass, ffuf and nuclei for reconnaissance that actually finishes while coffee’s still hot. I juggle both ends of the kill chain: red-team staples like Sliver and Cobalt Strike for breaking in, then Zeek, Suricata, Velociraptor and Sigma/YARA detection engineering for making sure the next guy can’t.
On the code front I move comfortably between Rust, Go, Python, Bash, C/C++ and a dash of TypeScript—choosing whichever syntax solves the puzzle fastest. Cloud and container security are table stakes: AWS, GCP, Azure, Docker, Kubernetes, Terraform and GitHub Actions pipelines all bend to the same threat-modeling rigor I bring to bare-metal exploits.
Cryptography is where the hobby meets the hard horizon. My magnum opus is a post-quantum-safe, end-to-end messaging platform that hybridises Kyber/Dilithium key exchange with a double-ratchet on steroids—forward secrecy, metadata hardening, group chats, the works—engineered to survive harvest-now-decrypt-later and the quantum winter that follows.
Bottom line: whether it’s ripping binaries apart, plugging SIEM gaps, or future-proofing your comms against qubits, I’ve probably already written the tool—or the proof-of-concept exploit—to get it done.
What I offer?
Services
I sell mind-hacks, not magic beans. Whether you need a one-off red-team raid or a steady hand hardening your estate for years to come, I’m game.
Engageme Pen-testing & adversary simulation<br>• Cloud & container breakouts (AWS, GCP, Azure, K8s)<br>• Social-engineering ops & phishing campaigns<br>• Exploit/PoC development with full write-ups • Rapid incident triage & forensics<br>• Threat-hunt sprints & log-pipeline tuning<br>• Architecture reviews & hardening roadmaps<br>• “Blue-Team Boost” workshops (8–40 h)
Long-Term / Embedded • Continuous red-teaming (“assume breach” model)<br>• Purple-team programs (attack + defend side-by-side)<br>• Secure SDLC integration & code-review pipelines • SOC build-out & maturity scaling (SIEM, SOAR)<br>• Detection-rule engineering (Sigma, YARA, custom Golang/Rust tooling)<br>• Threat-model ownership & risk governance<br>• Security champion mentorship across dev squads
How I Operate
1. Recon > Reality Check – No canned checklists; I profile your threat landscape first.
2. Attack, Measure, Iterate – Fast feedback loops, exploit demos, quantifiable deltas.
3. Docs Developers Actually Read – Action-ready tickets, not PDF graveyards.
4. Knowledge Transfer – I teach your team to outgrow me; repeat business comes from trust, not lock-in.
Tech Stack Highlights
Languages: Go, Rust, Python, Bash-fu, a dash of C when performance screams.
Cloud/Infra: Terraform, Kubernetes, CI/CD, zero-trust networking (WireGuard, Tailscale).
Def tooling: Zeek, Suricata, Velociraptor, custom Golang detectors.
Off tooling: Cobalt Strike, Sliver, custom implants, Houdini-grade phishing kits.
Need a scalpel or a sledgehammer? Ping me, and let’s pick the right tool for the breach.
Services
I sell mind-hacks, not magic beans. Whether you need a one-off red-team raid or a steady hand hardening your estate for years to come, I’m game.
• Pentesting & adversary simulation
• Cloud & container breakouts (AWS, GCP, Azure, K8s)
• Social-engineering ops & phishing campaigns
• Exploit/PoC development with full write-ups
• Rapid incident triage & forensics
• Threat-hunt sprints & log-pipeline tuning
• Architecture reviews & hardening roadmaps
• “Blue-Team Boost” workshops (8–40 h)
Long-Term / Embedded
• Continuous red-teaming (“assume breach” model)
• Purple-team programs (attack + defend side-by-side)
• Secure SDLC integration & code-review pipelines
• SOC build-out & maturity scaling (SIEM, SOAR)
• Detection-rule engineering (Sigma, YARA, custom Golang/Rust tooling.