FEATURED PROJECTS
CyberQuizzer
An interactive interview preparation platform with comprehensive question banks covering pentesting, security engineering, hardware hacking, and blue team operations. Features progress tracking, categorized topics, and detailed answers for each challenge.
PurpleSploit
A Python-based offensive security framework designed to streamline pentesting workflows with both CLI and web interfaces. Features include centralized SQLite-based credential and target management, automated service detection through nmap parsing, fzf-powered interactive selection menus, and integrated utilities like ligolo-ng proxy tunneling.
Quantsploit
A modular quantitative trading framework inspired by penetration testing tools like Metasploit. Features an interactive TUI with command auto-completion, technical indicators (RSI, MACD, SMA, EMA, Bollinger Bands), multi-stock market scanning for momentum and volume patterns, options chain analysis with Greeks calculations, and strategy backtesting capabilities.
MCP-Kali-Server Bridges
A bridge connecting Kali Linux terminal capabilities with various AI language models through the Model Context Protocol (MCP). Provides terminal access to AI systems including OpenAI, Claude, Google Gemini, and local models. Enables AI-assisted penetration testing workflows including CTF solving, reconnaissance, web app testing, and forensics.
B-NEAS
Bash Network Enumeration Automation Script. Created during OSCP labs to eliminate repetitive command typing and maximize efficiency. A customized automation tool tailored for pentesting workflows.
WinBins
Update your Windows penetration testing and red teaming binaries with a simple script. Streamlines the maintenance of security testing tools on Windows systems with automated binary management.
supwngo
Automated penetration testing utility with autopwn capabilities. A Python-based security tool designed to streamline exploitation workflows and automate common pentesting tasks.
Cloud Pentesting Resources
A curated compilation of cloud security testing resources organized by cloud provider and topic. Comprehensive coverage for AWS, Azure, GCP, Kubernetes, IBM, and Digital Ocean with structured sections for resources, tools, labs, and walkthroughs.
PhotoSec
A privacy and security oriented Python script using various open-source tools. Functions include bulk metadata removal from photos, bulk image analysis (using exiftool, binwalk, strings), file renaming, and bulk GPS metadata extraction.
Discord Auto Updater
A Shell script automation tool designed to manage Discord installations on Linux systems (Debian and Fedora). Automatically installs, updates, and integrates with cron scheduling for weekly automated updates.
Securicoder
A full-stack web development project using the OpenAI API to perform static code analysis on user-submitted code. Built with Django/gunicorn and nginx, deployed on a cloud server with SIEM/IDS integration (Snort/Wazuh) and security tools like firejail.
NOTES & RESOURCES
Windows Privilege Escalation
Comprehensive notes on Windows privilege escalation techniques and methodologies.
Linux Privilege Escalation
Linux privilege escalation techniques, SUID exploitation, and kernel exploits.
Active Directory Exploitation
AD attack paths, Kerberos attacks, credential harvesting, and lateral movement techniques.
Web Application Security
XSS, SSTI, LFI/RFI exploitation notes and testing methodologies.
SMB Exploitation
SMB enumeration, exploitation techniques, and post-exploitation via SMB.
Defensive Security Notes
Blue team techniques, SIEM configuration, and defensive monitoring strategies.