Specializing in the “find out” phase of cybersecurity

About Me:

The Intersection of Psychology & Cyber Warfare

Authored by AJ Montano, Updated 5/15/2026.

My immersion in the technical community began in childhood, building computers and learning Java. Growing up during the "Wild West" era of the internet, I became fascinated by the adversarial mindset—studying how systems were exploited and the psychological impact on victims. That early exposure to the chaotic side of cyberspace ignited a lifelong passion: to bring order to chaos and protect the vulnerable.

What sets me apart from a standard engineer is my deep focus on Human Psychology. Early in my career, I studied the research of Paul Ekman, achieving expert-level certification in Micro-Expression Analysis. In Cybersecurity, this translates to elite Social Engineering and Insider Threat detection capabilities. I understand that the most critical vulnerability in any system isn't code—it's the human behind the keyboard.

Career Foundation & Academic Velocity
My career is built on a foundation of operational leadership and uncompromising technical rigor.

  • As an Executive Cybersecurity Consultant & SME for my private practice, I advise notable legal firms and private clients on digital forensics strategy, adversarial TTPs, and complex cyberattack remediation. 

  • As a Senior Cybersecurity Architect within government infrastructure, I serve as the primary technical authority advising executive leadership on advanced persistent threats (APTs), infrastructure sabotage, and strategic risk mitigation.

I recently completed my Bachelor’s Degree in Cybersecurity & Information Assurance via an NSA-validated program at Western Governors University, a designated National Center of Academic Excellence in Cyber Defense (CAE-CD), where I am currently completing my Master’s Degree. Immediately following, I am matriculating into a Ph.D. program in Offensive Cyber Engineering to research & engineer AI-integrated APT simulations and support the development of next-generation detection countermeasures.

Open-Source & Cybersecurity Engineering
I don't just advise on defense; I engineer the tools required to validate it. My research focuses on "Living off the Land" (LotL) and "Living off the User" (LotU) techniques to build cutting-edge countermeasures.

Solenya Secure Gateway | https://github.com/ButItWorkz/SolenyaSecureGateway

  • The Concept: A zero-trust, high-assurance framework for establishing an IPsec IKEv2 full-tunnel virtual private network. It demonstrates advanced network micro-segmentation by coupling the native Windows Remote Access daemon with a decoupled, air-gapped Out-of-Band (OOB) signaling framework to securely transmit boundary IP telemetry over End-to-End Encrypted (E2E) channels.

  • The Execution: The framework operates on a decentralized, three-tier architecture utilizing a pfSense Edge Gateway, a Linux-based Cryptographic OOB Relay, and a Native Endpoint Client. The client is a dynamically generated Windows Presentation Foundation (WPF) GUI executed entirely in memory via PowerShell, providing real-time state synchronization, automated certificate lifecycle management, and strict kernel-level network enforcement.

  • Technical Depth: The endpoint client adheres to a strict "Living off the Land" (LotL) philosophy, utilizing purely native OS binaries with zero third-party dependencies. It showcases deep OS-level manipulation by bypassing Windows Filtering Platform (WFP) race conditions during pre-connection firewall drops, executing asymmetric cryptographic hot-swapping via internal registry manipulation, and navigating complex state-table routing conflicts.

Solenya Integrity Engine | https://github.com/ButItWorkz/SolenyaIntegrityEngine

  • The Concept: A Zero-Dependency file integrity monitor (FIM) and persistence analytics engine designed for high-security environments where third-party software dependencies are prohibited or could become compromised.

  • The Execution: Built using a multi-stage deployment architecture, the engine utilizes a Setup script to customize the Agent, Deploy, and Listener for different configuration and threat analytic methods. It monitors for unauthorized state changes to Windows services, registry keys, and critical system endpoints. It can be configured to send this data to your SIEM for in-depth analysis, just compile the raw data, or use its own heuristics engine with threat intelligence services like OTX and VirusTotal.

  • Technical Depth: This project focuses on "Living off the Land" (LotL) techniques, ensuring the engine operates without external dependencies that could be poisoned by an adversary. It addresses the challenge of detecting sophisticated persistence mechanisms that standard security tools might miss by focusing on raw state-change telemetry, and it enables researchers to study persistence mechanisms & detection mechanics without a corporate budget or access to a research lab.

Solenya Typer | https://github.com/ButItWorkz/SolenyaTyper

  • The Concept: A specialized utility engineered to ensure basic native operating system features—specifically Copy & Paste—remain fully functional within web environments that lack standard clipboard integration. It is designed to restore digital autonomy and maintain operating system feature parity for the end user.

  • The Execution: Operating as a lightweight PowerShell utility, the tool preserves this native functionality via asynchronous hardware interrupt polling and raw keystroke simulation. By translating clipboard data directly into simulated hardware input, it ensures seamless operation regardless of how the web application handles standard input methods.

  • Technical Depth: Built entirely utilizing native .NET classes and Windows APIs, this project demonstrates strict "Living off the Land" (LotL) and "Living off the User" (LotU) methodologies. It requires no third-party installations, compiled executables, or elevated privileges, highlighting the ability to interface with low-level OS input buffers to preserve user accessibility and system parity.

Technical Arsenal

  • Validation & Emulation: Adversary Emulation, Purple Teaming, LotL (Living off the Land) & LotU (Living off the User) Tactics, Vulnerability Management Pipelines, DAST/SAST Methodologies.

  • Architecture & Defense: Zero Trust Implementation, Defense-in-Depth, Network Segmentation, EDR/XDR Ecosystems, Identity & Access Management (IAM).

  • Advisory & Intelligence: Digital Forensics Strategy, Incident Response (IR) Leadership, OSINT Investigation, Executive Threat Briefings.

  • Engineering Concepts: Cloud Security Posture Management (CSPM), Multi-Stage Payload Engineering, Persistence Analytics, System Hardening.

The Human Side
I believe that resilience is built through both professional challenges and personal journeys. On May 6th, 2022, I lost my mother and younger brother. Navigating that grief reshaped my perspective on life and drove me to find clarity through creativity. I use digital art as a way to process complex emotions and maintain balance in a high-stress industry. You can view my creative design studio at AJMdesign.com.


Community & Contact
I believe that success requires a comprehensive support system. My network includes a diverse group of experts covering nearly every aspect of technology. If you are interested in communities that make a positive impact, check out the Community Page on this site.

Let’s Connect
I am actively seeking opportunities to apply my strategic vision and technical depth to new challenges in Cybersecurity, Purple Teaming, Research, and Defense Architecture. I’m open to collaborations and looking for sponsors to invest in my Ph.D. research at Capitol University. Reach out to me and let’s build something amazing!