Pinned Projects

XScraper

Custom Configurable Web Scrapers: XScraper, VulnScraper

This project provides a configurable web scraping tool focused on extracting security-relevant data. It is adaptable and proxy-able, and can monitor various online sources for indicators of compromise (IoCs), mentions of vulnerabilities, potential data leaks (on public sites like pastebins), or other security-related keywords and patterns.

Python3 Beautiful Soup IPRoyal
Ukrainian Ops

Hybrid Russian Cyber Operations

Ukrainian offensive operators published target lists; with those, I conducted a deep dive into Russian military infrastructure inside Russia, Chechnya, and Belarus, using a variety of scanning techniques and OSINT.

Spiderfoot OSINT Gemini AI Deep Research WebCheck.xyz
Real-Time Object Detection

KASM Workspace Server

Kasm Workspaces is more than a virtual desktop platform: it's a strategic enabler for organizations, driven by its ability to meet the evolving demands of remote work, cybersecurity, data protection, and cost efficiency. My implementation is tunnelled through Cloudflare Zero Trust for web access.

Docker Kasm Cloudflare Zero Trust
Auto Checkout Bot

Transform a CSV tsunami into a coherent report!

A human analyst would need to spend hours, or even days, pivoting through in-depth OSINT analysis to build a mental map of the target. I needed a way to do this in seconds.

Kasm Spiderfoot Gemini AI
Offensive AI

Copilot in Cyber Security: PowerPwn

PowerPwn leverages an offensive security toolset to audit Microsoft 365 and Copilot Servers.

Copilot Flask Python
Report/Scan Analysis with Visual Map

Data Driven Analysis

Visual Map: Real-Time Security Auditing, developed by afsh4ck, is a game-changer. It transforms raw Nmap XML output into an interactive dashboard with host scan risk scoring, a CVE dashboard, service distribution, and attack path analysis.

Visual Map Python Sublist3r

Research Exploration of Cybersecurity

This page gives you a guided tour of my current and past research efforts, both personal and professional, spanning everything from scripting to embedded devices and adapting the most modern and capable technologies for cybersecurity roles.

The Evolving Landscape: Integrated Systems in Cybersecurity

The proliferation of integrated systems, microcontrollers, and IoT devices, which allow for easier and more streamlined Industrial Control Systems, has profoundly reshaped the cybersecurity landscape, blurring the lines between the digital and physical worlds. These devices, once niche, are now ubiquitous, powering everything from industrial control systems to everyday consumer electronics. While bringing immense convenience and automation, their widespread adoption has also introduced new attack surfaces and complex security challenges, both at large and within corporate environments.

Pivotal events and devices highlight this shift:

  • Stuxnet (2010): This sophisticated cyberweapon demonstrated the devastating potential of targeting Industrial Control Systems (ICS) and SCADA environments. It specifically exploited vulnerabilities in Siemens PLCs, causing physical damage to Iranian centrifuges by manipulating their rotational speeds. Stuxnet was a stark reminder that cyberattacks could have tangible, real-world consequences, forcing industries to re-evaluate the security of their operational technology (OT) networks.
  • Sandworm - NotPetya (2017): Sandworm, the sophisticated APT group serving Russian interests, demonstrated the next evolution in targeting ICS. In 2017 the world witnessed the largest and most destructive cyberattack in history. NotPetya paralyzed drug and food manufacturing, shipping, hospitals, postal systems, and ATMs, inflicting an unprecedented $10 billion worth of damage. Prior to this attack, Sandworm conducted a less destructive, more stealthy reconnaissance campaign, which included a listener node specially designed to gather data on General Electric Cimplicity ICS systems. This campaign was key to the success the group saw with NotPetya and further destructive operations in Ukraine.
  • Sandworm - 2022 Campaign: In 2022, the Russian state-sponsored hacking group Sandworm executed disruptive cyberattacks across Ukraine and Europe. It used AcidRain wiper malware to disrupt the KA-SAT satellite network. The attack primarily targeted Ukraine's military communications, but also impacted thousands of users across Europe. On October 10, 2022, Sandworm successfully disrupted the power grid of an unnamed Ukrainian energy provider. Two days after the power outage, Sandworm launched a variant of CaddyWiper malware to erase data on the victim's IT network. In April 2022, Sandworm attempted to deploy its sophisticated Industroyer2 malware against high-voltage electrical substations. These tools were designed to render systems unbootable and irrecoverably destroy data, and all were aimed at the point where the digital world meets critical infrastructure.

These examples illustrate that cybersecurity is no longer confined to traditional IT networks. It now encompasses the physical devices that control our infrastructure, vehicles, and daily lives. Understanding and securing these integrated systems, microcontrollers, and implants is paramount for comprehensive defense in both national security and corporate cybersecurity strategies. My projects in this domain reflect a hands-on approach to tackling these critical challenges.