A security auditor for Tailscale configurations. Scans your tailnet for misconfigurations, overly permissive access controls, and security best practice violations.

A collection of types & functions definitions useful for iOS/macOS binaries analysis.

Extract Binaries from Apple's Dyld Shared Cache

iOS/macOS Research Swiss Army Knife

LIEF - Library to Instrument Executable Formats (C++, Python, Rust)

📝 Terminal-based crossword puzzle solving interface

Helper to register VOIP phone numbers on Signal and set up a unique Signal Desktop instance (macOS only)

Streaming music player that finds free music for you

Cryptolog is a tool for anonymizing webserver logs.

Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store

A simple alternative to homebrew for installing binary packages on MacOS & Linux written in Go.

Open-source infrastructure for Computer-Use Agents. Sandboxes, SDKs, and benchmarks to train and evaluate AI agents that can control full desktops (macOS, Linux, Windows).

A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.

Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.

Automate crossposting web3isgoinggreat.com posts to social media

Python script to synchronize information between Mosyle and SnipeIT

An RSS to ActivityPub converter.

Find, verify, and analyze leaked credentials

Repository for code developed for Saving Ukrainian Cultural Heritage Online (SUCHO) project

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

Small and highly portable detection tests based on MITRE's ATT&CK.

A static analysis security vulnerability scanner for Ruby on Rails applications

A tool for getting SSH keys out of LDAP

It tells you when you VPN

Open-source vulnerability disclosure and bug bounty program database

Resources and materials for DEF CON 2018 Packet Hunting Workshop

Various Dockerfiles I use on the desktop and on servers.