

About Me — Kaan Gültekin


Who I Am

I’m Kaan Gültekin — a software engineering student, software developer, and cybersecurity researcher.
I specialize in automation-first tooling, offensive security research, and open-source projects that support both red-team testing and defensive security awareness.


Projects

🔹 Offensive Frameworks & Red Team Automation

AutoPWN-Suite

A comprehensive offensive automation framework that streamlines post-exploitation and red-team workflows. AutoPWN-Suite has gained wide recognition across the security community and remains one of my most impactful open-source contributions.

  • Automates common offensive tasks into a unified workflow.
  • Reduces the time red teams and security researchers spend on these tasks.
  • Widely adopted and cited within the infosec community.

🔹 USB / Hardware Exploitation

BadUSB-Browser

A BadUSB proof-of-concept demonstrating how malicious USB devices can interact with browsers to execute payloads.

  • Explores USB attack vectors against browser contexts.
  • Helps defenders understand peripheral-based threats.
  • For lab testing and awareness training only.

BadUSB-Meterpreter

A USB exploitation PoC integrating BadUSB techniques with Meterpreter sessions.

  • Demonstrates cross-vector attack surfaces.
  • Serves as a red-team training scenario.
  • Strictly research-oriented with clear defensive lessons.

VBSBadUSB

A VBScript-based BadUSB research project, showing how lightweight scripting can still be leveraged for malicious USB behaviors.

  • Small-scale scripting PoC for awareness.
  • Highlights that legacy scripting languages remain exploitable.
  • Designed for educational and defensive purposes.

🔹 PowerShell Tools & Research

A PowerShell utility for fast file discovery across systems.

  • Locates files based on patterns and parameters.
  • Simplifies data discovery in Windows environments.
  • Lightweight, efficient, and open-source.

PowerShell Network Scanner

A PowerShell utility for scanning networks to discover online devices and enumerate open ports.

  • Searches the entire network to identify active hosts.
  • Scans discovered hosts for the top 1000 ports.
  • Fast, scriptable, and easy to use for quick reconnaissance.

PowerShell Fileless Malware (Research Project) (not public)

A private proof-of-concept exploring fileless PowerShell techniques to study in-memory execution and evasion strategies. This work is not publicly released and is used for controlled defensive and academic research.

  • Demonstrates modern fileless attack patterns in controlled environments.
  • Used to develop detection and mitigation strategies.
  • Intended for internal/academic defensive research only.

🔹 Recon & OSINT Tools

CompanyEnum

An OSINT reconnaissance tool for gathering open-source information about organizations. CompanyEnum automates company profiling and delivers results through a clean Web UI, making it efficient for both recon and defensive validation.

  • Aggregates scattered public company data into one view.
  • Speeds up reconnaissance with a visual interface.
  • Useful for red-team recon and blue-team validation.



Certifications

Google Cybersecurity Professional Certificate (v2)

Earned through Coursera, this certification covers eight professional courses totaling 130+ hours of guided cybersecurity training. The curriculum includes hands-on labs and defensive practices, focusing on incident response, network security, threat analysis, SIEM management, and Python automation.

Courses Completed

  1. Foundations of Cybersecurity
  2. Play It Safe: Manage Security Risks
  3. Connect and Protect: Networks and Network Security
  4. Tools of the Trade: Linux and SQL
  5. Assets, Threats, and Vulnerabilities
  6. Sound the Alarm: Detection and Response
  7. Automate Cybersecurity Tasks with Python
  8. Put It to Work: Prepare for Cybersecurity Jobs
  • Total Learning Time: 130+ hours
  • Issuer: Google / Coursera
  • Credential: View on Credly

Google IT Automation with Python Professional Certificate (v.1)

Earned through Coursera, this certification covers six professional courses totaling 130+ hours of guided IT automation training. The curriculum includes hands-on labs and practical projects, focusing on Python programming, version control with Git, troubleshooting, configuration management, and cloud automation.

Courses Completed

  1. Crash Course on Python
  2. Using Python to Interact with the Operating System
  3. Introduction to Git and GitHub
  4. Troubleshooting and Debugging Techniques
  5. Configuration Management and the Cloud
  6. Automating Real-World Tasks with Python
  • Total Learning Time: 130+ hours
  • Issuer: Google / Coursera
  • Credential: View on Credly

Research

My research focuses on bridging offensive innovation with defensive application.
Instead of building exploits for exploitation’s sake, I design projects that highlight blind spots in detection, help blue teams test defenses, and provide insights for security education.

Key Research Areas

  • Fileless & In-Memory Attacks — Analyzed adversary TTPs to improve EDR/SOC visibility
  • USB Attack Vectors — Demonstrated hardware threat paths
  • Offensive Automation — Studied automation’s impact on post-exploitation
  • Disclosure & Collaboration — Responsible vulnerability reporting (e.g., Discord)

Recognition & Achievements

  • TryHackMe — Ranked #1 in Turkey and Top 11 globally
  • Discord — Recognized on their Security page for a reported vulnerability
  • AutoPWN-Suite — Widely cited and adopted open-source offensive framework
  • Google Cybersecurity Professional Certificate (v2) — Completed 8-course professional program with 130+ hours of training
  • Google IT Automation with Python Professional Certificate (v.1) — Completed 6-course professional program with 130+ hours of training
  • Research Contributions — Public PoCs and technical articles that support the security community

Publications & Media

  • Invited contributor to Pentest Magazine
  • Authored multiple open-source research notes and PoCs on GitHub

Collaboration & Ethics

I operate under a strict ethics-first framework:

  • Controlled lab testing only
  • Defensive documentation for each PoC
  • Responsible vulnerability disclosure
  • Educational and transparent goals
