Kazakhstan · offensive security

Yekaterina
Shevchenko

// m0rn1ngstr
Hello, friend.

I grew up pressing every button I could find - in apps, in programs, in systems - just to see what would happen. That approach didn't always end well. But it turns out it's exactly the right mindset for offensive security.

I'm a penetration tester, red team operator, and team lead. Over the years I've built methodologies for large-scale security assessments, spoken at international conferences, and kept collecting certifications - OSCP, OSEP, CRTO, ARTE - not as checkboxes, but because each one genuinely changed how I think about attacking systems.

My focus is red team operations, Active Directory, web application security, and AWS offensive techniques. I believe the best way to defend systems is to think like the people trying to break them. That's what I do professionally - and what I teach on this channel.

Beyond the technical work, I support the local security community through talks, webinars, and content - because I believe helping others grow sharpens your own thinking.

YouTube X LinkedIn
Yekaterina Shevchenko
Yekaterina Shevchenko · m0rn1ngstr
what I do
Red team operations
Adversary simulation, C2 frameworks, evasion, full attack chain
Active Directory
Kerberoasting, ACL abuse, lateral movement, domain dominance
AWS offensive
IAM misconfigs, Lambda abuse, privilege escalation in cloud
Web pentesting
SSRF, IDOR, auth bypasses, chaining bugs to critical impact
Content creation
YouTube channel - attack walkthroughs and red team education
timeline
2026
Speaker - GISEC Global
Dubai
2026
Most Inspiring Women in Cyber - shortlisted
UK
Article ↗
2026
Global 30 Under 30 in Cybersecurity
post in LinkedIn ↗
2025
Advent of Cyber creator
TryHackMe
2025
Finalist for Cyber Woman Professional in Cybersecurity - Femme Professionnelle Cyber
CEFSYS · France
post in LinkedIn ↗
2025
When Social Engineering Fails
Speaker · online event
2025
Responsible Disclosure HoF
Ferrari
2025
Woman Hacker of the Year - finalist
Cybersecurity Woman of the World · USA
post in LinkedIn ↗
2025
Speaker - AppSecFest
watch recording ↗
2024
Speaker - KazHackStan
watch recording ↗
2021
First woman OSCP-certified in Central Asia
certifications
OSCPOffensive Security OSEPOffensive Security CRTOZero-Point Security OSWPOffensive Security ARTEHackTricks CREST CPSACREST CREST CRTCREST Security+CompTIA MCRTACWL
talks & media
KazHackStan 2024
talk recording
AppSecFest 2025
talk · starts at 6:15:30
Women in Cybersecurity webinar
recording
Podcast interview
YouTube
as featured in
Epic Women in Cyber
Epic Women in Cyber - Katerina Shevchenko
English · Medium
Read
CABAR.asia
How White Hat Institute Works in Kazakhstan
English
Read
The Steppe
The First OSCP-Certified Female Penetration Tester in Central Asia on IT Stereotypes, Cyberattacks, and Information Security
Russian
Read
WeProject Media
I Am an Ethical Hacker: The First Woman in Central Asia with an International OSCP Certification Talks About Her Work
Russian
Read
The Tech KZ
WomenInTech: how women from Kazakhstan are building their careers in IT
Russian
Read