Welcome to my GitHub! I'm passionate about automation, offensive security, and exploiting code vulnerabilities without user interaction. My work focuses on building tools and workflows that simplify vulnerability discovery and enhance security workflows.
- Application Security Analyst specializing in code-first vulnerabilities, including SQL Injection (SQLi), Firewall Bypasses, and AV Evasion.
- Proficient in Bash scripting, Python, PHP, Go, C, and UNIX tools. I believe in code quality and automation to improve efficiency and workflow.
- Exploit Code: My focus is on technical vulnerabilities that do not rely on user interaction.
- Submitted ~2500 vulnerabilities across platforms like BugCrowd, Invicti, HackerOne and Open Bug Bounty.
- Contributed to fixing over 130 vulnerabilities in various bug bounty programs.
- Ranked in the Top 25 on the Hack The Box leaderboard, demonstrating my capability in CTF and red teaming exercises.
- Languages & Tools: C, Python, Go, SQL, Docker, Bash one-liners
- Security Tools: BurpSuite, Nmap, Zap, SqlMap, wapiti, the ProjectDiscovery arsenal, and my personal Toolbelt
- Automation & Data Parsing: I use Trickest for workflow automation, and ElasticSearch for handling large datasets.
- CTF & Red Teaming: Regular participant in Capture The Flag events, focusing on red teaming and offensive security challenges.
- Security Tools Collection: A platform that aggregates the latest security tools and auto-renders their GitHub READMEs for streamlined access.
- Exploit Database: Automatically pulls and organizes exploits from PacketStorm's RSS feed, providing immediate access to newly released exploits.
- CVE POC Locator: Offers fast, fuzzy text searches across the entire CVE dataset, allowing for millisecond response times on CVE lookups. This tool improves vulnerability research by enhancing speed and accuracy.