This is your work, valued
nmapurls. Nmapurls parses Nmap xml reports from either piped input or command line arg and outputs a list of http(s) URL's to be used in an automation pipeline.
44Nessusploitable. Parses Nessus .nessus files for exploitable vulnerabilities and outputs a report file in format MM-DD-YYYY-nessus.csv
42Dockerfiles. A repository to store my Dockerfiles
10BurpQL. AI-optimized query engine for Burp Suite Pro HTTP traffic data. Ingests Burp XML exports into a fast, searchable SQLite database with a REST API designed for AI agent consumption.
8dnsrecon. This tool enriches domain lists by resolving each domain to its IP address and identifying the organization that owns the IP block. This helps you determine which domains are actually in scope for your pentest by showing the real infrastructure owners.
7Content-Security-Policy-Generator. This project is a Python script that generates example Content Security Policy headers and provides guidance on implementing dynamic nonces.
7san-resolver. Takes input from tlsx output and checks if certificate SAN resolves to the IP address. If it doesn't resolve to the IP address, print the input line.
6Crackjob. Crackjob is Bash shell scripts which I use to automate the process of cracking and parsing NTLM password hashes after getting Domain Admin and dumping NTDS hashes.
1scope-resolver. Expands a pentest scope by taking an input list which includes IP addresses and parses DNS and TLS SAN hostnames and merges the results with the original scope list.
1Kali-Docker. My customized Kali Docker container with my tools and customizations. This allows me to quickly spin up a recon and web app testing container anywhere.
1burpsluice. Burpsluice is a Python script that extracts all cookie and parameter names from Burp exports to file, and saves them to plain text files for examination.
1