I am aSecurity Researcher andFull Stack Developer focused on the offensive side of security. I don't just use tools;I build them.

My expertise lies in the intersection ofRed Teaming,Malware Analysis, andCustom Tool Development. I leverage my Full Stack skills to create advanced C2 (Command & Control) interfaces, phishing platforms, and offensive security tools likeint3rceptor.

Currently contributing to security projects at@S1b-Team, researching evasion techniques, and developing high-performance security utilities inRust.

int3rceptorA next-generation HTTP/HTTPS intercepting proxy. The perfect example of my skillset:Rust for high-performance backend networking andVue.js for a reactive frontend.

• 🔥Built with: Rust, Vue.js, TailwindCSS.
• ⚡Features: Intruder, Repeater, Rule Engine, WebSocket interception.
• 🎯Use Case: Rivaling commercial tools with a custom, security-focused workflow.

Explore the Project »

I organize my stack by how I use it in operations.

Languages for breaking in.

Languages for building C2, Phishing, and Dashboards.

Languages for understanding the system from the inside.

• Adversary Simulation: Full-cycle attacks from initial access to exfiltration.
• Active Directory: Kerberoasting, Golden Ticket, ACL abuse, DCSync.
• C2 Infrastructure: Setting up OPSEC-safe domains, redirectors, and listeners (Cobalt Strike, Sliver, Empire).

• Static Analysis: Reverse engineering binaries (x86/x64) using IDA/Ghidra.
• Dynamic Analysis: Sandboxing, behavioral analysis, unpacking.
• Evasion Techniques: AV/EDR bypass, process injection, API hooking, custom packers.

• Memory Forensics: RAM dump analysis with Volatility to find malicious processes and injection artifacts.
• Disk Forensics: Carving deleted files, analyzing MFT/$LogFile with Autopsy/Sleuth Kit.
• Network Forensics: PCAP analysis to identify lateral movement and C2 traffic.

• Custom Tooling: Developing internal proxies (likeint3rceptor), scanners, and automation scripts.
• Phishing Engineering: Creating high-fidelity clones using React/Vue.js for social engagement.
• Web Audits: Deep dive into OWASP Top 10 (XSS, SQLi, SSRF, RCE).

• Ricing: Customizing Arch Linux with DWM, Kitty, and Neovim for maximum efficiency.
• Kernel: Understanding syscalls, modules, and process scheduling for low-level exploitation.

• ✅OSCP – Offensive Security Certified Professional
• ✅ARTE – Advanced Red Team Engagement
• ✅CASP+ – CompTIA Advanced Security Practitioner
• 🔄CEH – Certified Ethical Hacker (In Progress)

"The quieter you become, the more you can hear."

⚠️ All tools and techniques shared are for educational purposes and authorized security testing only.

PinnedLoading

1. 0ptiscaler4linux0ptiscaler4linuxPublic

   The intelligent OptiScaler installer Linux gamers needed. Automates FSR4, XeSS & DLSS configuration with GPU-optimized profiles for RDNA3/4, Arc & RTX cards.

   Shell 36

2. laravel-secure-baselinelaravel-secure-baselinePublic

   Laravel Secure Baseline provides a fast, non-destructive scan to detect security misconfigurations in Laravel 10/11: env vars, session/cookie flags (Secure/HttpOnly/SameSite), permissive CORS, head…

   PHP

3. affinity-cliaffinity-cliPublic

   Universal CLI installer for Affinity products on Linux - Professional one-command installation for Affinity Photo, Designer, and Publisher

   Python 44 4

4. mephalamephalaPublic

   🕷️ Daedric deception platform — ML-powered honeypot with SSH/HTTP/FTP traps and real-time threat intelligence

   Python 2

5. ZigHoundZigHoundPublic

   🎯🐺 Advanced Red Team Framework written in Zig. Features encrypted C2, stealth agent, process injection, persistence, and post-exploitation modules.

   Zig 1

6. S1bCr4ftS1bCr4ftPublic

   Declarative system configuration for Arch Linux. NixOS-style reproducibility meets Arch flexibility. Security-first with 57+ modules for red team, malware analysis, development, and system optimiza…

   Rust