Security researcher focused on Red Teaming, Windows Internals, and Reverse Engineering. Passionate about low-level security, bootkits and rootkits.
Awesome-Bootkits-Rootkits-Development. A curated compilation of extensive resources dedicated to bootkit and rootkit development.
229Abyss. The first publicly shared complete Windows UEFI bootkit framework for automated Ring0 rootkit deployment and APT emulation
146Benthic. Windows Kernel Rootkit
70Bentico. [ARCHIVED] Early work on Benthic (Windows Kernel Rootkit).
58Bootkits-Rootkits-Development-Environment. Automated environment setup for Bootkit & Rootkit development.
42Abismo. [ARCHIVED] Early work on Abyss (Windows UEFI Bootkit).
41AIPentestCopilot. AI-Driven Breach and Attack Simulation Tool (Initial Proof of Concept for AI Pentest Copilot)
27PKfail. Use PKfail to install UEFI Bootkits
22Bootkits-Development-Starter-Pack. Starter pack for learning how to develop UEFI bootkits: basic proof-of-concepts, development environment configuration, and step-by-step resources to begin coding low-level bootkit components from scratch.
22Rootkits-Development-Starter-Pack. Starter pack for learning how to develop Kernel-Mode rootkits: basic proof-of-concepts, development environment configuration, and step-by-step resources to begin coding low-level rootkit components from scratch.
21The-Path-That-Leads-to-Your-First-CVE. A talk about finding your own path to vulnerability research and your first CVE.
16UEFI-Firmware-Analysis. UEFI firmware analysis & research on known vulnerabilities in early boot components
9Off-By-One-Security-Masterclass. Materials from the Masterclass I presented on the Off By One Security channel, hosted by Stephen Sims. The sessions covered how to develop and deploy rootkits and included an APT-style emulation demonstrating how such malware can be used operationally.
8Binary-Exploitation. A hands-on foundation in memory corruption, fuzzing, crash triage, and mitigation bypasses (from lab setup through CVE research to exploit development ).
6Binary-Exploitation-Lab. Deploys a ready-to-use debugging, reversing, and exploiting lab for Windows and Linux, automates the configuration of x64dbg and WinDbg with Mona, disassemblers, fuzzers, gadget finders, and everything else you need to practice binary exploitation from day one.
5Digispark-Attiny85-Physical-Red-Teaming-USB-Implant. Learn how to create Rubber Ducky-style USB implants with the Digispark Attiny85. Step-by-step setup, payload development and troubleshooting.
5SANS-SEC556-IoT-Penetration-Testing. Review, resources, and pre-lab exercises for the SANS SEC556 IoT Penetration Testing course, covering hardware hacking, firmware analysis, wireless protocols and SDR.
4WinDbg_Scripting. Starting point for scripting in WinDbg, covering WinDbg native scripting, JavaScript, and PyKD (Python).
3brokeCLAUDIA. CVE-2025-41090 (brokeCLAUDIA): Broken access control in microCLAUDIA, the anti-ransomware platform by CCN-CERT.
2CVE-2025-70330. Easy Grade Pro 4.1 file parsing bug used as an educational example to show how beginners can start vulnerability research through reverse engineering.
2CVE-2026-33439. First publicly shared exploit implementation for CVE-2026-33439 (OpenAM pre-auth RCE via jato.clientSession deserialization).
2ApacheConfigScan. A Python script designed to assess and enforce security best practices in Apache server configuration files.
1VMware-Secure-Boot-Custom-Keys. Fully customize Secure Boot keys inside a VMware Workstation VM
1CVE-2025-5548. Buffer overflow in FreeFloat FTP Server 1.0 illustrating how a single unsafe handler can generate multiple CVE entries across different commands.
1CVE-2026-5281. CVE-2026-5281 (Chrome Dawn WebGPU UAF) analysis, lab validation tools, and reproducible environment for vulnerable vs patched builds.
1CVE-2026-31431. A structured explanation of CVE-2026-31431 (Copy Fail), connecting the three kernel changes that introduced the vulnerability and enabled its exploitation.
1Landing-Your-First-Cybersecurity-Job. A practical guide to turning cybersecurity knowledge into visible evidence that helps you land your first cybersecurity job.
1EV-Cybersecurity-Specialist. Research notes, standards, attack surfaces, charging infrastructure security, and practical resources for electric vehicle cybersecurity.
1