My Projects

HTB Admin

A Python CLI tool for HackTheBox automation: machine management, automatic /etc/hosts updates, challenges, Sherlocks, ProLabs, VPN, hooks, and competitive release mode. Built with Typer and Rich.

A Python-based command-line tool for HackTheBox administration and automation, designed for competitive users and penetration testers. Features include:

  • Machine Management: Start, stop, reset, and submit flags with a single command
  • Automatic Hosts Management: Auto-update /etc/hosts with machine IPs on spawn
  • Virtual Host Support: Easily add vhosts as you discover them during enumeration
  • Challenge Management: List, download, start Docker instances, and submit flags
  • Sherlock Support: List, download evidence, and submit task answers for DFIR challenges
  • ProLab Support: Track progress, manage active labs, and submit flags
  • VPN Management: List servers and download OVPN configs
  • Competitive Mode: Auto-detect release time and spawn exactly when a box drops
  • Hook System: Run commands automatically on spawn, stop, or flag submission, or use --run for one-off automation (new in v1.0.0)
  • User/Team Info: Display profiles, stats, and rankings
  • Secure: API tokens stored in the system keyring, never in plaintext

Built with Python, Typer, Rich, and Pydantic for a modern CLI experience with beautiful terminal output.

Python CLI Security HackTheBox Automation
GitHub GitLab

WinRMExec with Autocomplete

A fork of WinRMExec adding command autocomplete for enhanced interactive shell experience

An enhanced fork of ozelis/winrmexec, an Impacket-based WinRM client for remote code execution on Windows systems. This fork adds command autocomplete functionality for a more efficient interactive shell experience during security assessments.

Key features:

  • Command Autocomplete: Added autocomplete support using prompt_toolkit for faster command entry
  • Multiple Authentication Methods: NTLM, Kerberos, Basic Auth, Client Certificates, and CredSSP
  • Interactive Shell Mode: Full interactive shell with history and command completion
  • AMSI Bypass Support: Includes experimental evil-winrm style features
  • File Transfer: Upload and download files to/from remote Windows hosts
  • HTTP/HTTPS Support: Works over both protocols with Channel Binding Token support

Built on the Impacket library for robust Windows protocol implementation.

Security Python WinRM Windows Remote Execution Pentesting
GitHub GitLab

CSR Parser

A Python CLI tool for parsing and analyzing Certificate Signing Requests with human-readable output

A full-featured Python CLI tool that parses Certificate Signing Requests (CSRs) and displays their information in human-readable format or structured JSON. Built as a learning project to understand X.509 certificate structures and PKI internals.

Key features:

  • Multiple Format Support: Parse both PEM and DER formatted CSRs
  • Complete Subject Extraction: Display all subject information (CN, O, OU, C, ST, L, etc.)
  • Public Key Details: Show algorithm, key size, and EC curve names
  • Extension Parsing: Extract and display all X.509 extensions (SANs, Key Usage, etc.)
  • Signature Verification: Verify the CSR’s self-signature validity
  • Flexible Input: Accept input from files, stdin, or direct string arguments
  • JSON Output: Structured JSON output for scripting and automation
  • Modern Python: Built with cryptography library and proper CLI argument parsing

→ Read more about this project

Python Cryptography CLI PKI Security Tools
GitHub GitLab

HTB Logo Fetcher

A command-line tool to fetch logo URLs for HackTheBox machines

A simple and efficient command-line tool that fetches logo URLs for HackTheBox machines. Perfect for automation scripts and integrations.

Key features:

  • Simple CLI: Fetch machine logos with a single command
  • Smart URL handling: Automatically handles relative and absolute URLs
  • Web scraping: Uses BeautifulSoup to parse HTB’s machine listing page
  • Lightweight: Minimal dependencies (requests, beautifulsoup4)
  • Easy installation: Install via uv or pip from GitLab

Built with Python using requests and BeautifulSoup for efficient web scraping and HTML parsing.

Example usage:

htb-logo Lame
# Output: https://www.hackthebox.com/storage/avatars/...
Python CLI Web Scraping HackTheBox
GitHub GitLab

CVE-2025-32463 Exploit

A proof-of-concept exploit for a critical privilege escalation vulnerability in sudo's chroot feature

A proof-of-concept exploit demonstrating CVE-2025-32463, a critical local privilege escalation vulnerability in sudo’s chroot feature. This educational project showcases the security flaw and proper exploitation techniques for authorized security testing and research purposes.

Key features:

  • Critical Vulnerability: CVSS 9.3 severity privilege escalation flaw
  • Chroot Race Condition: Exploits NSS library loading in sudo’s -R chroot option
  • No Sudo Permissions Required: Any local user can escalate to root without sudo rules
  • Dockerized Testing: Includes isolated environment for safe vulnerability testing
  • Educational Purpose: Demonstrates security research and proof-of-concept development
  • Simple Usage: Build Docker container and execute the POC script

The vulnerability exploits a race condition in how sudo handles Name Service Switch (NSS) libraries during chroot operations. When sudo performs a chroot, it loads NSS libraries before dropping privileges, allowing an attacker to inject a malicious library that executes with root privileges.

Affected Versions: sudo 1.9.14 through 1.9.17

Mitigation: Upgrade to sudo 1.9.17p1 or later, monitor for suspicious sudo -R usage, and implement additional access controls for local users.

Security CVE Exploit Sudo Privilege Escalation Linux
GitHub GitLab

Personal Portfolio Website

A modern, performant portfolio website built with Astro and Tailwind CSS

A sleek and performant portfolio website showcasing my projects, blog posts, and professional experience. Built with Astro for blazing-fast static site generation and styled with Tailwind CSS.

Key features:

  • Lightning-fast performance: Static site generation with Astro for optimal loading speeds
  • Content Collections: Organized blog posts and projects using Astro’s content collections
  • Responsive design: Mobile-first design that works beautifully on all devices
  • Search functionality: Client-side search for blog posts and content
  • Modern styling: Gradient effects and smooth transitions using Tailwind CSS
  • SEO optimized: Meta tags and structured data for better search visibility

This project demonstrates modern web development practices with a focus on performance, maintainability, and user experience.

Astro Tailwind CSS TypeScript Markdown
View Live →

CVE-2022-25765 Exploit

A proof-of-concept exploit for a critical command injection vulnerability in PDFKit

A proof-of-concept exploit demonstrating CVE-2022-25765, a critical command injection vulnerability in PDFKit versions prior to 0.8.7.2. This educational project showcases the security flaw and proper exploitation techniques for security research purposes.

Key features:

  • Critical Vulnerability: CVSS 9.8 severity command injection flaw
  • URL Sanitization Bypass: Exploits inadequate shell metacharacter escaping
  • Reverse Shell Payload: Establishes unauthorized system access through injected commands
  • Educational Purpose: Demonstrates vulnerability assessment and proof-of-concept development
  • Simple Usage: Requires target URL, attacker IP, and listener port

The vulnerability exists in PDFKit’s URL sanitization logic, where shell metacharacters like backticks can evade checks and execute arbitrary commands when URLs are passed to wkhtmltopdf.

Affected Versions: PDFKit 0.0.0 through 0.8.6

Mitigation: Upgrade to PDFKit 0.8.7.2 or later, implement strict input validation, and use containerization with minimal privileges.

Security CVE Exploit PDFKit Ruby Python
GitHub GitLab