Remoting Reloaded

Cross-platform tool for exploiting legacy .NET Remoting services over TCP and HTTP channels. Handles payload generation internally, no ysoserial.net or .NET Framework dependency required. Runs on Linux, macOS, and Windows.

• TypeConfuseDelegate gadget chain via TCP (raw NRBF)
• ObjRef + built-in rogue TCP server for safer callback-based exploitation
• TextFormattingRunProperties / XAML ObjectDataProvider chain over HTTP/SOAP
• Bulk target scanning with wordlist support and log output

Private Burp Collaborator with Proxy

Automated deployment of the Burp Collaborator server with nginx proxy for offensive security operations. Can be used for "hiding" Burp Collaborator behind a normal-looking website.

• Terraform for AWS infrastructure
• Ansible for server config
• Nginx reverse proxy with subdomain validation
• Generic static site (replace this)

Hack The Box Academy to Markdown

Command-line tool to fetch and convert HTB Academy modules to markdown format for offline reference and note-taking. Useful for building a personal knowledge base from Academy content.

• Clean markdown output preserving formatting and structure
• Offline access to Academy modules
• Integration with note-taking tools like Obsidian

Game Role Attendant

Full-stack web application for managing hidden identity role-based games, featuring real-time state management and a web-based interface. Built as a learning project to get familiar with JavaScript frameworks and WebSocket communication.

• Real-time game state synchronization using WebSockets
• Responsive web interface with Quasar/Vue.js
• RESTful API backend with Node.js
• Session management and role assignment logic

More Projects Coming Soon

Currently working on additional offensive security tooling and automation projects. Check back later or follow me on GitHub for updates.