Rane Villanueva

⚔️🛡️

Rane Villanueva

Security Analyst - Offensive Security ⚔️

I am a Security Analyst with focus on Offensive Security. My expertise lies in Web Application Security Assessment, and I also have knowledge in API, Mobile, Network, and Active Directory VAPT, as well as Red Teaming.

VAPT

Red Teaming

Purple Teaming

root@ranev:~/experience #█

[Apr 2025 - present]
Sr. Security Analyst - Shift Lead - Offensive Operations (Supervisor)
Nexus Technologies, Inc.
- Lead and oversee offensive security operations, ensuring quality execution of VAPT, red teaming, and purple teaming engagements across diverse client environments.
- Supervise and mentor analysts, ensuring adherence to best-practice methodologies, accuracy in findings, and timely delivery of high-impact assessment reports.
- Research and implement new offensive security tools, techniques, and methodologies to enhance the effectiveness and efficiency of security assessments.
[Apr 2024 - Apr 2025]
Security Operations Center (SOC) Analyst 2
Nexus Technologies, Inc.
- Conducted VAPT covering network, web, API, and mobile applications.
- Participated in red team operations to simulate real-world adversarial attacks.
[Mar 2023 - Apr 2024]
Security Operations Center (SOC) Analyst 1
Nexus Technologies, Inc.
- Performed incident investigation activities, including triage and recommendations of security incidents across multiple environments
- Investigated and analyzed suspicious emails and phishing attempts, strengthening mail security posture.
- Executed vulnerability assessment and penetration testing (VAPT) engagements to identify and validate security weaknesses across network and web assets.

root@ranev:~/certifications #█

2023-09-04
CySA+
CompTIA Cybersecurity Analyst
CompTIA
2023-12-12
eJPT
Junior Penetration Tester
INE
2024-11-23
CAPen
Certified AppSec Pentester
The SecOps Group
2025-05-01
OSWA
⭐
OffSec Web Assessor
OffSec
2025-07-04
CRTA
Certified Red Team Analyst
CyberWarFare Labs
2025-07-19
PT1
Junior Penetration Tester
TryHackMe
2025-10-13
CRTO
⭐
Certified Red Team Operator
Zero-Point Security
2026-04-01
GWAPT
⭐
GIAC Web Application Penetration Tester
GIAC
2026
OSCP
OffSec Certified Professional
OffSec
2026
CPTS
Certified Penetration Testing Specialist
HackTheBox

root@ranev:~/activities #█

GIAC Advisory Board

GIAC

The GIAC Advvisory board is an email-based forum where cybersecurity professionals can share their insights and feedback on GIAC certifications, training, and industry trends. This forum is an invite-only and includes certification passers who demonstrated exceptional performance on GIAC exams.

Top 2 out of 12 Finalists

Rootcon 19

Won the qualifiers and managed to land the 2nd place out of 12 finalists. Top 1 Filipino Team 🙂!

Top 3 out of 8 Finalists

Rootcon 18

Won the qualifiers and managed to garner the top 3 out of 8 finalists. Main expertise on Web and some OSINT.

Best Thesis

47th EECE Thesis Colloquium

Developed a Filipino Sign Language Recognition using Mediapipe Framework on an Nvidia Jetson Nano Embedded System.

root@ranev:~/projects #█

Blog

Created a blog to share insights, tutorials, and experiences in cybersecurity, web development, and other tech-related topics.

AD Lab

Created an Active Directory Lab using VMWare Workstation Pro to simulate a corporate network environment for penetration testing and security assessments. Followed Ben Heater's Guide on Building a Security Lab in VMware Workstation Pro.

Web Projects

Previous Web Projects that I have worked on. A little story, when I was College and started to read and watch videos on how to start in Cybersecurity, most of it said that programming and web development is a good foundation. So I started to learn Web Deevelopment. Here are some of the projects that I have worked on back then.