About Mason Prince - Offensive Security Researcher & Pentester

I’m an offensive security engineer with 5+ years of experience across penetration testing, red team operations, and application security — in both commercial and U.S. federal (FedRAMP) environments. My work sits at the intersection of offensive tradecraft, cloud security, and emerging AI attack surfaces.

Technical Skills

• Penetration Testing: Web applications, network infrastructure, API security, cloud environments
• Red Team Operations: Adversary simulation, C2 infrastructure, post-exploitation, lateral movement
• Exploit Development: Binary exploitation, shellcode development, ROP chains
• AI/ML Security: Adversarial ML, LLM attack surfaces, AI agent security (MCP, tool poisoning)
• Programming: Python, Go, Bash, C, JavaScript, PowerShell
• Tools & Frameworks: Burp Suite Pro, Caido, Cobalt Strike, Metasploit, Bloodhound, Impacket, custom tooling

Certifications

Offensive Security (OffSec):

• OffSec Web Expert (OSWE) — Nov 2025
• OffSec Certified Professional+ (OSCP+) — Jun 2025
• OffSec Experienced Penetration Tester (OSEP) — Nov 2024
• OffSec Exploit Developer (OSED) — In progress, expected Nov 2026
• OSCE³ (OffSec Certified Expert³) — Anticipated upon OSED completion (Nov 2026); requires OSEP + OSWE + OSED)

Cloud & Security Management (ISC²):

• ISC² CCSP (Certified Cloud Security Professional)
• ISC² SSCP (Systems Security Certified Practitioner)

CompTIA:

• PenTest+
• CySA+ (Cybersecurity Analyst)
• Security+
• Network+
• A+

Other:

• ITIL v4 Foundation
• LPIC-1 Linux Administrator

Areas of Focus

• Web Application Security (OWASP Top 10, API vulnerabilities, source code review)
• Red Team operations and adversary simulation
• Active Directory & Windows exploitation
• FedRAMP assessment support and compliance-driven security
• AI/ML security — LLM attack surfaces, agent security, adversarial inputs
• Cloud security (AWS, Azure attack surfaces)
• Bug bounty hunting

Education

• M.S. Computer Science — AI/ML Specialization (In Progress), Western Governors University
• B.S. Cybersecurity & Information Assurance, Western Governors University — Jan 2025

What You’ll Find Here

This blog is a mix of:

• CTF Write-ups: Detailed walkthroughs of Capture The Flag challenges from platforms like HackTheBox, TryHackMe, and CTF competitions
• Vulnerability Analysis: Commentary on the latest CVEs, zero-days, and security incidents
• Security Tutorials: Practical guides and techniques for penetration testing and exploit development
• Research: My own vulnerability discoveries and security research — including the emerging AI/agent attack surface

Why I Do This

I believe in the power of offensive security to make systems stronger. Every vulnerability found is an opportunity to improve defenses. I’m passionate about learning, sharing knowledge, and contributing to the security community — especially as AI reshapes the threat landscape.

Contact me

Interested in working together or have questions? Reach out!

• Email: mason.a.prince@gmail.com
• Twitter: @MasePrace93
• GitHub: masalepri98
• LinkedIn: masonaprince