Tools and research developed during red team engagements and penetration tests. All projects are open source and available on my GitHub.

Red Team Tools

PhantomPi: A Covert Red Team Implant

Raspberry Pi 4-based red team implant for covert network operations. Features transparent network bridging with 4G/LTE uplink and PoE capabilities.

Bash Python

View Repository →

htaccess NGINX Proxy O365 Phish

Apache .htaccess + NGINX reverse proxy setup for advanced O365 phishing. Chains a compromised corporate site with Evilginx to keep victims on a legitimate domain throughout the auth flow.

NGINX Red Team Phishing

View Repository →

Tools & Scripts

Burp Signature Generator

Burp Suite extension that auto-recalculates JSON body signatures and updates custom headers for signed API requests. Enables replay and fuzzing of mobile app APIs that require RSA-signed payloads.

Java Burp Suite Mobile Security

View Repository →

Cisco PSIRT Asset Monitor

Python tool for vulnerability management that queries Cisco PSIRT openVuln API against an asset inventory. Maps Cisco devices (IOS/NX-OS) to relevant security advisories when VA scanners can't reach all devices.

Python Vulnerability Management Cisco

View Repository →

Proxmark3 MIFARE UID Fuzzer

Lua script for Proxmark3 that fuzzes MIFARE Classic UIDs to assess UID-based access control systems. Supports pseudo-random, incremental, and decremental search strategies around a target UID.

Lua Proxmark3 Physical Security RFID

View Repository →

---

View all repositories →