This is my full CV of work.

Username guessing tool primarily for use against the default Solaris finger service. Also supports relaying of queries through another finger server.

Scripted Local Linux Enumeration & Privilege Escalation Checks

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

OpenCTI Python Client

OpenCTI Connectors

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

SatIntel is an OSINT tool for Satellites 🛰. Extract satellite telemetry, receive orbital predictions, and parse TLEs 🔭

DroneXtract is a digital forensics suite for DJI drones 🔍. Analyze sensor values, visualize flight maps, and audit for criminal activity 🗺

A compilation of snort rules for detecting malware traffic.

IDAPython project for Hex-Ray's IDA Pro

An attack tool designed to remotely disable CCTV camera streams (like in spy movies)

NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications

A repository that includes all the important wordlists used while bug hunting.

Directory/File, DNS and VHost busting tool written in Go

RetDec is a retargetable machine-code decompiler based on LLVM.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

OWASP Joomla Vulnerability Scanner Project https://www.secologist.com/

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]

s3 brute force tool

Nuclei templates written by us.

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

yarGen is a generator for YARA rules

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Fast passive subdomain enumeration tool.

In-depth attack surface mapping and asset discovery

Web Application Security Scanner Framework

A modular Python application to collect intelligence for malicious hosts.

A modular Python application to pull intelligence about malicious files