PROJECTS
Dependency Health Monitor
Python tool for comprehensive dependency health assessments. Calculates weighted health scores across security (OSV vulnerability scanning), maintenance status, community engagement, and popularity. Features license categorization, SQLite caching, and CI/CD-ready JSON output with A-F grading.
Universal Log Parser
Python library and CLI for automatic log detection, parsing, and normalization. Supports 11 log formats (JSON, Apache, Nginx, Syslog, Docker, Kubernetes). Features streaming for 10GB+ files, log correlation across sources, and extensible architecture.
Polybar Widgets
Collection of custom Polybar widgets for Linux desktop security monitoring. Includes flameshot screenshot, Docker status, system uptime, screen brightness, IDS alerts, VPN status, system updates, IP info, and more.
Linux Security Suite
Unified desktop security dashboard consolidating Suricata/Snort IDS, ClamAV antivirus, firewall management, and threat intelligence (VirusTotal, AbuseIPDB, AlienVault OTX, ThreatFox). Features real-time network monitoring, JA3/JA4 TLS fingerprinting, system hardening audits, and Polybar widget integration.
iCTF
Mobile cybersecurity CTF platform for iOS providing hands-on security challenges without jailbreak. Features cryptography, web security, forensics, reverse engineering, and network challenges with sandboxed execution and terminal emulation.
AugFly
Augmented reality flight tracking application. Point your camera at the sky to see real-time flight information overlaid on aircraft using ARKit and live ADS-B data feeds. Features GPS positioning, detailed flight information, and native performance.
PurpleSploit
A framework for ultimate pentesting workflow efficiency. Features centralized SQLite-based credential and target management, automated service detection through nmap parsing, fzf-powered interactive selection menus, and integrated utilities like ligolo-ng proxy tunneling.
ArgusCloud
A full-featured Cloud-focused attack-path generation and graphing toolkit. Supports AWS, Azure, and GCP environments for identifying and visualizing potential attack vectors and privilege escalation paths in cloud infrastructure.
ThreatMobile
Mobile threat intelligence application providing security analysts with real-time IOC lookups, threat feed aggregation from VirusTotal, AlienVault OTX, ThreatFox, AbuseIPDB, CVE tracking, watchlists, and push notifications for threats matching monitored indicators.
GrepEx
iOS app for security researchers and developers to generate regex patterns and search dorks. Features 80+ pattern templates, 21 language outputs, GHDB integration with 3600+ dorks, live testing, ReDoS protection, and gamification with achievements.
Quantsploit
A modular quantitative trading framework inspired by penetration testing tools like Metasploit. Features an interactive TUI with command auto-completion, technical indicators (RSI, MACD, SMA, EMA, Bollinger Bands), multi-stock market scanning, options chain analysis with Greeks calculations, and strategy backtesting.
GuacaMappy
Cross-platform mobile client for Apache Guacamole enabling remote desktop access from iOS and Android. Supports RDP, VNC, SSH, and Telnet protocols with MFA/TOTP authentication, WebSocket tunneling, and touch-to-mouse input translation.
supwngo
Automated penetration testing utility with autopwn capabilities. A Python-based security tool designed to streamline exploitation workflows and automate common pentesting tasks.
Pentest Scripts
Scripts designed for automation and streamlining of simple tasks centered around discovery and enumeration. Created during OSCP labs to eliminate repetitive command typing and maximize efficiency.
SecureLLaMA
A secure implementation of the open-source LLaMA LLM using Docker, Python and Gradio. Designed for secure network deployment with proper isolation and access controls for AI/ML workloads.
WinBins
Update your Windows penetration testing and red teaming binaries with a simple script. Streamlines the maintenance of security testing tools on Windows systems with automated binary management.
Discord Auto Updater
A Shell script automation tool designed to manage Discord installations on Linux systems (Debian and Fedora). Automatically installs, updates, and integrates with cron scheduling for weekly automated updates.
CyberQuizzer
An interactive interview preparation platform with comprehensive question banks covering pentesting, security engineering, hardware hacking, and blue team operations. Features progress tracking, categorized topics, and detailed answers for each challenge.
MCP-Kali-Server Bridges
Bridging MCP server to OpenAI/ChatGPT and LM-STUDIO. Provides terminal access to AI systems including OpenAI, Claude, Google Gemini, and local models. Enables AI-assisted penetration testing workflows.
Cloud Pentesting Resources
A curated compilation of cloud security testing resources organized by cloud provider and topic. Comprehensive coverage for AWS, Azure, GCP, Kubernetes, IBM, and Digital Ocean.
PhotoSec
A privacy and security oriented Python script using various open-source tools. Functions include bulk metadata removal from photos, bulk image analysis (using exiftool, binwalk, strings), and bulk GPS metadata extraction.
Securicoder
A full-stack web development project using the OpenAI API to perform static code analysis on user-submitted code. Built with Django/gunicorn and nginx, deployed with SIEM/IDS integration.
NOTES & RESOURCES
Windows Privilege Escalation
Comprehensive notes on Windows privilege escalation techniques and methodologies.
Linux Privilege Escalation
Linux privilege escalation techniques, SUID exploitation, and kernel exploits.
Active Directory Exploitation
AD attack paths, Kerberos attacks, credential harvesting, and lateral movement techniques.
Web Application Security
XSS, SSTI, LFI/RFI exploitation notes and testing methodologies.
Defensive Security Notes
Blue team techniques, SIEM configuration, and defensive monitoring strategies.