Welcome! This repo highlights select projects, PoCs, tools, and research I've developed or contributed to.
- CISA Advisory.
- Out-of-bounds write vulnerability I discovered within the Grassroots DICOM (GDCM) library.
- Responsibly disclosed alongside CISA.
- Assigned CVE-2025-11266.
- Rust implementation of CVE-2025-32463.
- Spawns a root shell to escalate privileges.
- Custom payloads are supported.
- Wrote a Rust-based PoC for the Dirty Pipe vulnerability.
- Arbitrary file overwrite.
- Supports overwriting SUID binaries to escalate privileges.
- Customizable HTTP honeypot.
- Imitates a file upload site. Saves and logs all files that are uploaded.
- Supports customization of the site using HTML and CSS.
- Uploads files to VirusTotal by default.
- Supports custom WebHooks called on file uploads.
- Writeup covering customization on my blog.
- Python code for detecting phishing emails based on email body text.
- Binary classification of emails.
- Writeup of methods and findings on my blog.
MLWL (Machine Learning Wordlist Generation)
- Utilizes ML/NLP to generate wordlists for password cracking.
- Word2Vec used to generate a list of similar words/phrases based on an input wordlist.
- Easily generates large targeted wordlists based on user-defined keywords.
- Alternative to AutoRecon that scans web services with HTTP proxy support.
- HTTP proxy support allows Burp/ZAP usage when performing discovery scans.
- Additionally allows automated scanning wherever proxies are required.
- Custom firmware modifications for the Defcon 32 badge.
- Added functionality for running Rubber Ducky scripts over USB connection.
- Reverse engineered Malwarebytes 2017 Crackme challenge.
- Writeups of my process and findings on my blog.
- Our team, Ostrich Lab, achieved 2nd place out of 66 teams.
- We scored 10,290 out of 13,182 possible points.