Welcome to my GitHub profile! I am an ethical hacker offering professional penetration testing services.
I am a passionate ethical hacker and penetration tester committed to offensive cybersecurity, Defensive security, and vulnerability research. My mission is to fortify digital defenses by thinking like an attacker — responsibly and legally.
With hands-on experience in both manual and automated security assessments, I identify and analyze system vulnerabilities to help organizations proactively address threats before they can be exploited. I actively sharpen my skills on platforms like TryHackMe and Hack The Box, while developing custom scripts and payloads to improve testing efficiency.
This repository is a curated collection of my tools, notes, and research, designed to contribute to the infosec community and fuel continuous learning.
- Web Application Penetration Testing
- Network Exploitation
- Thread Detection
- Active Directory Attacks
- Social Engineering Techniques
Programming & Scripting:
Operating Systems:
Recon & Automation:
Nmap | Masscan | Amass | Netcat | theHarvester | Shodan
WhatWeb | Dirb | Dirsearch | Python & Bash Scripting | Virustotal
Web & Vulnerability Testing:
Burp Suite Pro | Nikto | FFUF | Gobuster | SQLmap | ZAP Proxy | Wfuzz | Sublist3r
Exploitation / Post-Exploitation:
Metasploit | CrackMapExec | Responder | Evil-WinRM | WinPEAS | LinPEAS | Mimikatz | PowerSploit | Impacket
Credential Attacks:
Hydra | John the Ripper | Hashcat
Active Directory:
BloodHound | PlumHound | LDAPDomainDump | Pingcastle
Network Analysis:
Wireshark | Tcpdump | Ettercap | Aircrack-ng | netdiscover
OSINT & Social Engineering:
Maltego | Sherlock | Recon-ng | PhoneInfoga | Social-Engineer Toolkit (SET)
- 🏴☠️ Active Directory Attacks: LLMNR spoofing, SMB relay, Kerberoasting, NTLMv2 hash capturing in virtual labs
- ⚙️ Pentest Automation: Writing custom Python/JavaScript for automation
- 🌐 Web App Security: OWASP Top 10, Burp Suite Pro, practical hands-on labs
- 🧠 Cybersecurity Storytelling: Creating awareness content about cyber events & incidents
- 🧪 CTFs & Labs: Hack The Box, TryHackMe, building vulnerable machines
- 🔓 Hash Cracking: Running Hashcat, John for password research
- Malware Ananlysis and Thread Detection
- 🧠 Ethical Hacking & Red Teaming
- 🔍 Cybersecurity Research & Education
- 📚 Social Engineering & Human Behavior
- ✍️ Content Creation (blogs, explainers)
- 🧪 Lab-Based Learning (AD, post-exploitation, LLMNR, hash extraction)
- 🌱 Artificial Intelligence in Cybersecurity
- Defensive Security
- Cloud Security
-
Web-email-bundler
Lightweight Python tool to crawl websites and extract real email addresses ethically. domain restrictions, and smart filtering. Great for OSINT recon. 🕷️📧 -
XSS-Payload-CheatSheet
Curated list of XSS payloads for testing and learning web vulnerabilities.
⭐️ Thanks for visiting! Feel free to explore my repositories and reach out if you'd like to collaborate or connect!