Available for Contributions

Zarni Aung {NEO}

// _

What I did: Architected and deployed scalable enterprise IT infrastructures.

What I do now: Secure critical networks, lead and develop Mindflow.care as founder.

What I love to do: Security research, custom tools, CTFs, lab from HTB/THM and anime.

Red TeamingCybersecurityToolingVAPTWebSecNetSecVulnerability ResearchSystem Architecture

View Projects LinkedIn ↗

3+·Years in IT╱13·Certifications

// Projects

Selected Work

NETWORK SECURITY • CRITICAL INFRA

Network Security Engineer @ Changi Airport (Sep 2024 - Present)

Managed critical network systems at Changi Airport, including AOT & LCD LIDAR Networks, UAV Anti-Drone System, and Key Management System. Conducted Vulnerability Assessment and Penetration Testing (VAPT) and contributed to ISO 27001 ISMS compliance. Designed secure network infrastructures and managed Fortinet and Cisco network security devices. Implemented Zabbix for real-time monitoring of network health.

fortinetciscoipsecvaptcompliancezabbixiso27001linux serverlidar

SYSTEMS ENGINEERING • IT DEPLOYMENT

Freelance System Engineer @ Aridient Co. (Jun 2023 - Jul 2024)

Designed and implemented new IT systems tailored to client business requirements, including operational management systems for K2 Guesthouse and F&B businesses. Deployed servers, hardware, and implemented Active Directory for medium-sized businesses. Managed user accounts, permissions, and security settings while providing training on system operations.

Active directorywindows serversystem adminlinux serverroutingswitchingkubernetescontainers

ENTERPRISE NETWORKING • INFRASTRUCTURE

Assistant Network Engineer @ Global Tech (Jan 2021 - Apr 2022)

Designed, implemented, and troubleshot enterprise network infrastructures. Configured and managed firewalls, routers, and switches in high-availability environments. Contributed to the configuration of BGP, OSPF and IPSEC. Supported the deployment of VMware servers, storage systems, and managed Windows Server installations including Active Directory.

VMwareBGP/OSPFFirewallsRouting & Switching

HEALTH TECH • PRODUCT LEADERSHIP

Creator @ Mindflow.care (Development)

Leading the vision, product strategy, and technical direction for Mindflow, a platform designed to make emotional support radically accessible. Engineered a digital space that blends emotional wellness tools—such as mood tracking and journaling—with real human connection to empower users to reflect, connect, and grow. www.mindflow.care

productmindflowstrategichealthtechdesign

OFFENSIVE TOOLS • RECON

BBrecon

Developed a lightning-fast reconnaissance tool designed specifically for bug bounty hunters and penetration testers. Automates the discovery and enumeration phases of security assessments to map external attack surfaces efficiently. https://github.com/zarni99/bbrecon

gobugbountyreconautomation

NETWORK SECURITY • COMPLIANCE

FortiOS Hardening Validator

Built an automated validation tool to audit Fortinet FortiOS configurations against strict security best practices. Streamlines the firewall hardening process and ensures enterprise networks maintain compliance with industry standards. https://github.com/zarni99/fortios_hardening_validator

pythonfortinethardeningauditautomation

RED TEAMING • OFFENSIVE SECURITY

Redmac

Developed a tactical red teaming utility focused on network evasion and identity manipulation. Built to assist in stealthy network movement and bypassing MAC-based access controls during adversary simulation engagements. https://github.com/zarni99/redmac

redteamevasion

OFFENSIVE SEC • POST-EXPLOITATION

Redtriage

Created a streamlined triage and enumeration tool tailored for red team operations. Assists operators in rapidly gathering critical host information, identifying misconfigurations, and gaining situational awareness during the post-exploitation phase. https://github.com/zarni99/redtriage

redteampostexploitenumeration

Recent GitHub Activity

zarni99 ↗

fortios_hardening_validator6

A comprehensive security audit tool for FortiGate devices

Python

heretic

Fully automatic censorship removal for language models

bbrecon3

Recon Tool for Bug Bounty Hunters

// Writing

Latest Posts

View All Posts

#01HTB Writeup

03 Apr 2026

HTB: DevArea

Medium Linux box. SOAP XOP/MTOM file read leaks Hoverfly creds from a systemd unit file. Middleware RCE gives a shell as dev_ryan. World-writable /usr/bin/bash + sudo syswatch.sh = root.

Unlock to Read

#02HTB Writeup

21 Mar 2026

HTB: Variatype

Git leak to portal creds. fontTools arbitrary file write drops a webshell, FontForge ZIP command injection pivots to user, setuptools path traversal writes root's SSH key. Three CVEs, full chain.

// Credentials

Certification Vault

// Contact

Reach Out_

Open to collaborations and security research.

// contact.channels[]

Zarni Aung {NEO}

Selected Work

Network Security Engineer @ Changi Airport (Sep 2024 - Present)

Freelance System Engineer @ Aridient Co. (Jun 2023 - Jul 2024)

Assistant Network Engineer @ Global Tech (Jan 2021 - Apr 2022)

Creator @ Mindflow.care (Development)

BBrecon

FortiOS Hardening Validator

Redmac

Redtriage

Latest Posts

HTB: DevArea

HTB: Variatype

Certification Vault

Reach Out_

HTB: CCTV

Certified Web Security Expert

Certified Associate Penetration Tester

Licensed Penetration Tester (Master)

Certified Penetration Testing Professional

ISO/IEC 27001:2022 INFORMATION SKILLFRONT SECURITY ASSOCIATE™

Cisco Certified Network Professional

Certified Network Security Practitioner

Certified Ethical Hacker

Junior Penetration Tester

Cyber Threat Intelligence 101

Google Cybersecurity

Blue Team Junior Analyst

Practical Junior Penetration Tester