A collection of security tools, research, and experiments. These range from purpose-built offensive tooling to vulnerability research and AI security explorations.
MCP Attack Surface Research
Category: AI Security / Vulnerability Research
A deep-dive into the security implications of the Model Context Protocol (MCP), the rapidly-adopted standard for connecting AI agents to external tools and data sources. Research covers tool poisoning, cross-server shadowing, rug pull attacks, and practical mitigations.
Custom Wordlist Generation Framework
Category: Penetration Testing / Tooling
A methodology and toolset for building targeted, high-value wordlists for penetration testing engagements, combining OSINT techniques, web scraping, and mutation strategies to maximize credential attack effectiveness against specific targets.
Read the writeup
OSWE Preparation Curriculum
Category: Research / Education
A curated study path and resource collection developed during preparation for the OffSec Web Expert (OSWE) exam, covering white-box web application analysis, source code auditing, and exploit chain development. Includes commentary on AI-assisted study methodologies.
Read the prep guide
Read the exam review
Offensive Security × AI/ML
Category: Research / Emerging Threats
Ongoing research into the intersection of offensive security tradecraft and machine learning, covering adversarial inputs, LLM attack surfaces, AI agent exploitation, and the implications of ML systems in enterprise environments. Informed by active M.S. Computer Science (AI/ML) coursework.
More tools and research in progress. Follow on GitHub or LinkedIn for updates.