Father, triathlete, security analyst and bug bounty hunter in my spare time. My interests are honeypots, malware collection, wardriving, forensics and bug bounties. I'm also an OpenBSD enthusiast and occasionally I contribute to the Metasploit project, developing modules and porting public exploits for educational purposes only.
Over the last years I have managed many honeypot systems (ADB, DNS (a low-bandwidth open resolver server to observe DNS amplification attacks automatically), SMB, SNMP, SSH, Telnet) and I shared data, blacklists and statistics with the whole Internet (students, researchers, companies...). Currently the data is no longer shared, but you can find something below. My most successful open source project is snmpcheck, a tool to enumerate information via the SNMP protocol. You can find it in the most secure Linux distros. Just out of curiosity, some references to my site or my tools.
If you have any questions, please let me know; my key ID is 941F9ED7AE7655A597BABF0F7E4A111756F1C790
Common Vulnerabilities and Exposures
Honeypots data (outdated)
Metasploit contribution
Metasploit experiments
NMAP NSE script
Bettercap contribution
Generic stuff
- amass_loop Bash script to provide a list of domains to the amass tool
- apache_gnuplot Bash script to parse Apache access log (CLF) and get total requests and bandwidth with Gnuplot charts (requests, bandwidth)
- appar Perl script to parse Apache access log (CLF) and migrate it to MySQL
- atrax A simple web spider useful during a penetration test
- backup.ps1 PowerShell script to back up files and directories
- bind_stats Simple DNS Bind log parser (top FQDN,src,type,src port,src flag)
- check_routing_loop Scapy script useful to identify routing loops through ICMP time exceeded
- dns_amply, dns_amply_domain Search for DNS servers that respond to 'any +dnssec +ignore' requests. Useful to choose a good server and domain to use during a DNS amplification attack.
- dns_tail_block DNS Bind log parser and iptables block
- dnsbrute Bash script to automate the discovery tasks
- domains_resolv Perl script for DNS lookups
- extract_ip Perl script to extract IP addresses from text
- firehol Perl script to download and check IP addresses from FireHOL lists
- host_info Perl script to obtain DNS/ASN/GEO info from an IP/FQDN address list
- jboss-status-gath JBoss status servlet clients info gathering
- inetsim_smtp_parser INetSim SMTP log parser
- ip_catcher Bash script to extract IP addresses
- ip_create_list Perl script to create an IP address list
- meta-generator Recon-ng auxiliary module. Checks for 'meta generator' tags. Useful to identify CMS
- nmap_parser Nmap parser written in Ruby using Nmap::Parser library
- phpinfo PHP shell with IP and User-Agent filter
- pkg_search Packages finder for OpenBSD
- reboot_fiber (mysrp.py) Python script to reboot TIM HUB fiber router
- RedHat73.zip Volatility profiles for Red Hat Enterprise Linux Server 7.3 (System.map-3.10.0-514.el7.x86_64)
- report_email Cowrie SSH honeypot daily report (HTML format)
- router_reboot Wireless modem router N300 rebooter
- sniffme A rude sniffer for jailbroken iPhone written on a gloomy day!
- snmpcheck Tool to enumerate information via SNMP protocol
- snmpscan SNMP multithread scanner written in Perl
- snmpsize A rudimentary snmpwalk-like tool written with Scapy. Useful to choose a good OID to use during an SNMP reflected amplification DDoS attack
- sql_load_file Simple MySQL Injection load_file() fuzzer
- sshguessable Simple Ruby SSH bruteforcer (guessable user)
- ssl_cert_details Perl script to get SSL certificate details
- twitter_monitor Perl script to monitor your followers on Twitter filtering/excluding for keywords (DBM support)
- virustotal_report Python script to query VirusTotal for reports
- webss Perl script to scan a web site
- wget_spider Bash script to crawl a web site with wget
- xor Ruby script to decrypt a payload encrypted using XOR (XOR DDoS botnet)
Perl modules
Configurations
Miscellaneous stuff