Collection
Offensive Tooling
nyx
Tor identity rotator with a real-time TUI. Rotate circuits on demand and watch every hop go by.
stratum
High-performance, extensible proxy with DNS-over-HTTPS, custom routing (Tor/I2P), and SSL pinning for granular traffic control.
termino
Red-team command-and-control framework built on a decentralized, NAT-traversing P2P transport (WebRTC, libp2p, IPFS). Operator traffic blends into ordinary network noise, the infrastructure resists takedown, and a seized node doesn't sink the channel. The threat model assumes the defender owns the network. For authorized engagements and research.
kerox (WIP)
Multi-agent framework for red-teaming LLMs. Coordinated agents probe lab models for prompt injection, guardrail bypass, and system-prompt leakage, then write up what actually worked.
recon-suite (WIP)
Flagship recon CLI that composes pyscan and subhunter into one command. Point it at an external surface and get back a single ranked report.
pyscan (WIP)
Async TCP connect scanner with banner grabbing and JSON output. Fast because it waits on hundreds of ports at once instead of one at a time.
subhunter (WIP)
Subdomain enumeration two ways: passive via Certificate Transparency (crt.sh) and active via wordlist brute-force, resolving the candidates to find which hosts are alive.
xss-probe (WIP)
Context-aware reflected-XSS detector. Injects a marker, finds where it lands, then picks a break-out payload for that specific context.
sqli-probe (WIP)
Error-, boolean-, and time-based SQL injection detector for authorized lab targets, with honest false-positive notes.
authz-diff (WIP)
IDOR / BOLA finder. Replays one request across two user sessions and diffs the responses to flag broken object-level authorization.
kerbrute-py (WIP)
Kerberos user enumeration, AS-REP roasting, and Kerberoasting helper around impacket. Readable output, hashcat-ready hashes.
ad-arsenal-mini (WIP)
Wraps LDAP and Kerberos tooling into one CLI that enumerates a domain and prints the attack path in plain English.
rscan (WIP)
Rust rewrite of pyscan: a single static binary with no interpreter to drag onto the target. Async via tokio.
auth-log-parser (WIP)
Reads auth.log and ranks the top failed-SSH source IPs. Small, sharp, and the first tool in the kit.