Hi, my name is Marco, also known as brmk.
I’ve been passionate about offensive security for years, spending most of that time trying to stay ahead in a field that actively moves the goalposts. My main focus is adversary emulation and red teaming, areas that keep me honest because the moment you get comfortable, something changes. Every day, I’m learning something, breaking something, and understanding a little more than I did yesterday.
Outside of engagements, I run a homelab that serves as both research environment and personal source of suffering. If you hear someone quietly losing their mind over DNS, VPN, or some provisioning issue that definitely worked yesterday, that’s probably me.
The aim of this blog is simple: share what I’m learning, what I discover, and what I find worth passing on… from someone who is still very much on the journey.
I write in English because that’s where this community lives. My native language is Italian, and some of my phrasing will occasionally be a little “delirio”. I’ve made peace with that.
As a bit of background, I can share some of the certifications and training sessions I’ve attended over the years. This isn’t a comprehensive list, and I understand that certificates do not prove anything, but… it’s a bit of nerdy vanity.
| Year | What | Title |
|---|---|---|
| 2025 | OSEP | Offensive Security Experienced Penetration Tester |
| 2024 | GCIH | GIAC Certified Incident Handler + GIAC Advisory Board |
| 2024 | Training | Empire Operations: Tactics (Turla) |
| 2023 | Training | SpecterOps - Advanced Tactics: Red Team Operations |
| 2023 | Training | MalOpSec -> EDR: The Great Escape |
| 2023 | CRTO | Certified Red Team Operator |
| 2022 | eCPTXv2 | eLearnSecurity Certified Penetration Tester eXtreme v2 |
| 2022 | CARTP | Certified Azure Red Team Professional |
| 2020 | CRTP | Certified Red Team Professional |
| 2019 | eJPT | eLearnSecurity Certified Junior Penetration Tester |
I also enjoy partecipating in Capture the Flag competitions and challenging myself in “complex” environment like:
| Year | Provider | Labs |
|---|---|---|
| 2024 | VulnLab - Labs | Wutai Master |
| 2023 | HackTheBox - ProLabs | Rastalabs - Red Team Operator I |
| 2021 | HackTheBox - ProLabs | Offshore - Penetration Tester II |