Projects & Tools

Request Interceptor is a powerful Firefox extension designed for security professionals and developers who need granular control over web requests. The addon enables seamless interception, analysis, and modification of HTTP requests before they're sent to the server.

The extension offers real-time HTTP request and response modification capabilities, custom rule-based interception patterns, and comprehensive header manipulation features. It maintains session persistence for complex testing scenarios while being optimized for minimal impact on browsing performance.

BGPulse is a sophisticated tool designed to automatically probe Border Gateway Protocol (BGP) implementations for security vulnerabilities. With precision and efficiency, it helps identify weaknesses in BGP configurations that could potentially be exploited in routing attacks.

The tool provides automated detection of common BGP vulnerabilities and delivers comprehensive reporting with remediation guidance. It employs non-intrusive testing methodologies and supports various BGP implementation vendors. BGPulse also offers configurable test scenarios for targeted assessment of specific network environments.

HeaderGuard is an advanced online HTTP security header analyzer that helps security professionals and web developers assess and improve the security posture of their websites. It evaluates HTTP response headers against best practices and security standards.

The service performs in-depth analysis of security-related HTTP headers and provides automated scoring with clear recommendations. It compares implementations against OWASP security best practices and detects missing or misconfigured security headers. HeaderGuard provides detailed explanations and implementation guidance to help users strengthen their web applications.

NetGazer is an efficient tool designed to capture screenshots of websites and web servers based on predefined lists of IP addresses and URLs. It organizes and presents these results in a structured format, making it invaluable for network reconnaissance and documentation.

The tool automates screenshot capture from multiple targets and employs concurrent processing for efficiency. It generates organized output in Word document format with customizable capture parameters. NetGazer also includes robust error handling with detailed logging to ensure comprehensive results even when encountering problematic targets.

PassPatternLab is a dedicated research repository containing various tools I've developed for uncovering the intricate world of password patterns and user behavior in creating passwords. This project helps security professionals understand common password creation tendencies and improve password policy implementations.

The repository includes analysis tools for identifying password construction patterns, visualization components for representing password entropy distribution, and benchmark utilities for evaluating password policies. PassPatternLab provides valuable insights into human behavior aspects of password selection, helping organizations implement more effective security measures.

GitBlast is a powerful tool that automates extensive GitHub searches using 23 predefined dorks and regex patterns, with optional entropy detection. Built for speed and scale, it's aimed at security researchers, developers, and organizations looking to identify exposed secrets and sensitive information in code repositories.

The tool excels at scanning repositories at scale with configurable search parameters and offers robust detection capabilities for API keys, passwords, and other sensitive data. GitBlast employs multi-threaded processing for efficient scanning of large repositories and provides comprehensive reporting with actionable remediation steps.

GitSnipe is a precision GitHub code scanner that mimics GitHub's search bar exactly. Designed for accurate pinpoint searches, it helps find GitHub secrets with pinpoint accuracy. GitSnipe operates as the little brother of GitBlast, focusing on targeted scanning rather than broad searches.

The tool automates GitHub searches with advanced syntax support for security research, OSINT, and data analysis. GitSnipe excels at precise query construction to uncover specific types of sensitive information and offers an intuitive interface for both automated and manual search workflows. It's particularly valuable for focused security assessments requiring surgical precision.

WebScout is a versatile network scanning tool designed to identify live web servers within specified IP ranges or networks. It allows users to customize scans with specific status codes and provides options for detailed server insights, making it an essential tool for network mapping and reconnaissance.

The tool efficiently discovers and categorizes web servers across diverse network segments with customizable scan parameters and connection timeouts. WebScout generates structured output formats for integration with other security tools and includes detailed server fingerprinting capabilities to identify server types, versions, and commonly deployed web technologies.