Kaan Gültekin

Sofware Engineering Student - Sofware Developer - Open Source Enthusiast - Cybersecurity Researcher

Profile Banner

About Me — Kaan Gültekin

Who I Am

I’m Kaan Gültekin — a software engineering student, software developer, and cybersecurity researcher.
I specialize in automation-first tooling, offensive security research, and open-source projects that support both red-team testing and defensive security awareness.

Projects

🔹 Offensive Frameworks & Red Team Automation

AutoPWN-Suite

A comprehensive offensive automation framework that streamlines post-exploitation and red-team workflows. AutoPWN-Suite has gained wide recognition across the security community and remains one of my most impactful open-source contributions.

  • Automates common offensive tasks into a unified workflow.
  • Reduces time for red teams and security researchers.
  • Widely adopted and cited within the infosec community.

🔹 USB / Hardware Exploitation

BadUSB-Browser

A BadUSB proof-of-concept demonstrating how malicious USB devices can interact with browsers to execute payloads.

  • Explores USB attack vectors against browser contexts.
  • Helps defenders understand peripheral-based threats.
  • For lab testing and awareness training only.

BadUSB-Meterpreter

A USB exploitation PoC integrating BadUSB techniques with Meterpreter sessions.

  • Demonstrates cross-vector attack surfaces.
  • Serves as a red-team training scenario.
  • Strictly research-oriented with clear defensive lessons.

VBSBadUSB

A VBScript-based BadUSB research project, showing how lightweight scripting can still be leveraged for malicious USB behaviors.

  • Small-scale scripting PoC for awareness.
  • Highlights that legacy scripting languages remain exploitable.
  • Designed for educational and defensive purposes.

🔹 PowerShell Tools & Research

A PowerShell utility for fast file discovery across systems.

  • Locates files based on patterns and parameters.
  • Simplifies data discovery in Windows environments.
  • Lightweight, efficient, and open-source.

PowerShell Network Scanner

A PowerShell utility for scanning networks to discover online devices and enumerate open ports.

  • Searches the entire network to identify active hosts.
  • Scans discovered hosts for the top 1000 ports.
  • Fast, scriptable, and easy to use for quick reconnaissance.

PowerShell Fileless Malware (Research Project) (not public)

A private proof-of-concept exploring fileless PowerShell techniques to study in-memory execution and evasion strategies. This work is not publicly released and is used for controlled defensive and academic research.

  • Demonstrates modern fileless attack patterns in controlled environments.
  • Used to develop detection and mitigation strategies.
  • Intended for internal/academic defensive research only.

🔹 Recon & OSINT Tools

CompanyEnum

An OSINT reconnaissance tool for gathering open-source information about organizations. CompanyEnum automates company profiling and delivers results through a clean Web UI, making it efficient for both recon and defensive validation.

  • Aggregates scattered public company data into one view.
  • Speeds up reconnaissance with a visual interface.
  • Useful for red-team recon and blue-team validation.

👉 Explore all projects →

Certifications

Google Cybersecurity Professional Certificate (v2)

Google Cybersecurity Professional Certificate Badge

Earned through Coursera, this certification covers nine professional courses totaling 130+ hours of guided cybersecurity training. The curriculum includes hands-on labs and defensive practices, focusing on incident response, network security, threat analysis, SIEM management, and Python automation.

Courses Completed

  1. Foundations of Cybersecurity
  2. Play It Safe: Manage Security Risks
  3. Connect and Protect: Networks and Network Security
  4. Tools of the Trade: Linux and SQL
  5. Assets, Threats, and Vulnerabilities
  6. Sound the Alarm: Detection and Response
  7. Automate Cybersecurity Tasks with Python
  8. Put It to Work: Prepare for Cybersecurity Jobs
  • Total Learning Time: 130+ hours
  • Issuer: Google / Coursera
  • Credential: View on Credly

Research

My research focuses on bridging offensive innovation with defensive application.
Instead of building exploits for exploitation’s sake, I design projects that highlight blind spots in detection, help blue teams test defenses, and provide insights for security education.

Key Research Areas

  • Fileless & In-Memory Attacks — Analyzed adversary TTPs to improve EDR/SOC visibility
  • USB Attack Vectors — Demonstrated hardware threat paths
  • Offensive Automation — Studied automation’s impact on post-exploitation
  • Disclosure & Collaboration — Responsible vulnerability reporting (e.g., Discord)

Recognition & Achievements

  • TryHackMe — Ranked #1 in Turkey and Top 11 globally
  • Discord — Recognized on their Security page for a reported vulnerability
  • AutoPWN-Suite — Widely cited and adopted open-source offensive framework
  • Google Cybersecurity Certificate (v2) — Completed 9-course professional program with 130+ hours of training
  • Research Contributions — Public PoCs and technical articles that support the security community

Publications & Media

  • Invited contributor to Pentest Magazine
  • Authored multiple open-source research notes and PoCs on GitHub

Collaboration & Ethics

I operate under a strict ethics-first framework:

  • Controlled lab testing only
  • Defensive documentation for each PoC
  • Responsible vulnerability disclosure
  • Educational and transparent goals

Email GitHub LinkedIn Twitter