[OP-001] OSS · Reconstable
./wolfscan
Async reconnaissance framework. Plug-in architecture, distributed workers, output to anything that speaks JSON.
GogRPCRedis
// ~/projects — git log --oneline
Selected operations.
A subset of public work. Most engagements stay under NDA — the artifacts here are research, OSS, and disclosures.
[OP-002] Research · APT Trackingactive
./shadowtrail
Long-running infrastructure correlation engine. Surfaces threat-actor pivots from passive DNS + cert transparency.
RustClickHouseKafka
[OP-003] Red Team · C2private
./pack-of-one
Personal C2 with malleable profiles, BOF support, and operator-first ergonomics. Internal use only.
RustPythonWASM
[OP-004] Detection · Sigma Rulesstable
./den
Curated detection set covering modern intrusion patterns. Mapped to ATT&CK, tested against atomic + APT emulations.
SigmaSplunkElastic
[OP-005] Disclosuredisclosed
./CVE-2024-XXXXX
Auth-bypass chain in a popular SaaS identity provider. Coordinated disclosure, full advisory pending.
WebOAuthJWT
[OP-006] Education · CTFlive
./howl
Free CTF platform for newcomers. Beginner-friendly challenges with detailed write-ups after solve.
TSPostgresK8s
// most of the interesting work is private. for case studies, request a brief.