// whoami

Christopher Elliott

Senior Cyberspace Capability Developer and OSCP+ certified offensive security engineer. Focus on Windows internals, Win32 API exploitation, and advanced capability development for offensive cyber operations.

View Projects Contact Me →
// about_me

About

Senior cyberspace capability developer with experience spanning offensive and defensive cyber operations, with a specialization in persistence mechanisms through the Win32 API. Leads the agile development process for a crew of four Cyberspace Capability Developers, managing stakeholder expectations end-to-end.

Proven track record developing advanced system-specific capabilities that enable offensive cyber operations, leading battalion-level Defensive Cyber Operations planning, and conducting enterprise network assessments that measurably improve security posture.

Clearance
TS/SCI w/ CI Polygraph
Location
Atlanta, GA
Focus
Offensive Capability Dev & Red Team
Certs
OSCP+, CISSP
Languages
English (native), Turkish (conversational — DLPT 1+/2)
Christopher Elliott
// skill_set

Skills

Languages

C Python C++ C# Matlab

Certifications

OSCP+ CISSP

Tools & Technologies

Git GitLab CI/CD Docker CMake Make Poetry LaTeX Mathematica

Domains

Win32 API Offensive Cyber PE Format DCO Network Assessment Agile Dev
// work_history

Experience

Senior Cyberspace Capability Developer

Aug 2024 — Present

780th Military Intelligence Brigade · Fort Eisenhower, GA

  • Develop Windows-specific cyberspace capabilities that support and enable offensive cyber operations.
  • Core skillset: Windows userland C/C++ via the Win32 API — custom network communication protocol design and persistence techniques like reflective loading, custom enumeration implants, and custom network proxies.
C C++ Win32 API PE Format Windows Internals

CCD Crew Lead

Jun 2023 — Aug 2024

U.S. Army Cyber Protection Brigade · Fort Eisenhower, GA

  • Managed development, testing, and deployment of a containerized TTP Analytic and knowledge management solution supporting and validating the Army CIO's GitLab cDSO pipeline.
  • Built a PowerShell module emulating FTP network traffic for the Brigade's Cyber Threat Emulation cell, deployed during the Brigade's premier annual exercise.
  • Core skillset: Linux user-level C and Python — networking, encryption, file I/O, and thread management.
C Python Docker GitLab CI/CD PowerShell

Assistant Operations Officer

Jun 2022 — Jun 2023

U.S. Army Cyber Protection Brigade · Fort Eisenhower, GA

  • Planned DCO and related activities for a Battalion of 549 personnel supporting multiple US Army combatant commands, DoDIN, and USCYBERCOM mission priorities through network assessments and QRF deployments.
  • Created an operational reporting dashboard using a custom database language that visualized DCO effectiveness and mission outcomes; disseminated and implemented throughout USCYBERCOM.
DCO Operations Network Assessment USCYBERCOM

Mission Element Lead

Jun 2021 — Jun 2022

U.S. Army Cyber Protection Brigade · Fort Eisenhower, GA

  • Conducted enterprise-level network assessments for USSOUTHCOM and a ministry-level assessment for a US strategic partner nation, enabling significant improvements to security posture.
Network Assessment DCO USSOUTHCOM

Cyber Operations Officer Trainee

Jul 2020 — Jun 2021

U.S. Army Cyber Training Battalion · Fort Eisenhower, GA

  • Completed formal pipeline training to become a qualified Cyber Operations Officer (17A).
17A Cyber Operations
// open_source

Projects

A selection of open-source work I've built or contributed to recently — tools and proof-of-concepts that reflect my focus on Windows internals and offensive capability development.

// Tool

NT-AUTH-NewPrompt

Windows capability leveraging NT AUTHORITY mechanisms to spawn an elevated prompt. Demonstrates advanced Win32 API usage including token manipulation and privilege escalation techniques at the user-level.

C Win32 API Token Manipulation
View on GitHub
// Tool

SeRestoreAbuse

Proof-of-concept demonstrating abuse of SeRestorePrivilege in Windows environments. Enables targeted file system manipulation for privilege escalation scenarios, implemented in C against the Win32 API.

C Win32 API Windows PrivEsc
View on GitHub
// Contribution

nxc Additions

Contributions to NetExec (nxc), extending the open-source network exploitation framework with an additional module for SeRestoreAbuse that streamlines penetration testing and threat emulation workflows. [PENDING]

Python NetExec Pen Testing
View on GitHub
// education

Education

B.S. Chemical and Biomolecular Engineering

Georgia Institute of Technology · Atlanta, GA

2019
  • Program ranked 2nd nationally by U.S. News & World Report
  • GPA: 3.8
  • Award for Exemplary Academic Achievement — School of Chemical & Biomolecular Engineering (awarded to approximately 30 of 900 students)

// internship_experience

2026

Security Research Intern

White Knight Labs

Refactoring and extending an RPC client-server architecture to enable red team command-and-control capabilities.

2018

Research Intern

University of South Florida

Helped develop a catalyst for syngas reformation for use in a $2M pilot plant.

2017

Process Engineering Intern

Resolute Forest Products

Enabled conversion of main paper machine to alkali process; chemical dosage calculations yielded approximately $5M in annual savings.

2014

Research Intern

Oak Ridge National Laboratory

Developed a technique improving accuracy in mass spectrometry data evaluation, saving approximately 10% of analysis time for researchers worldwide.

// get_in_touch

Contact

Open to discussing roles in offensive security, capability development, or red team engineering.

[email protected] github.com/rhymenaucerous linkedin.com/in/christopher-elliott-8aa725157