IDENTITY / 001
Chapter I · Identity

Sujal (Neok1ra)

Red Team Tool Developer | Offensive Security Automation Engineer

Offensive security engineer building modular toolchains. Creator of LightScan, WRAITH-NET, GRIMOIRE, and KIRA.

Async Recon Frameworks · Operator Toolchains · Linux Security Automation
Chapter II · The Architecture

Operator-Grade Infrastructure.

I build automation frameworks for attack surface intelligence, asynchronous reconnaissance, payload generation, and Linux deployment. My tools integrate into full engagement pipelines rather than operating as standalone scripts.

Operator Workflow Architecture

WRAITH-NET

Passive intelligence collection & attack surface intel

LightScan

Active service enumeration & credential workflows

GRIMOIRE

Payload generation, pivot tracking, session orchestration

KIRA

Hardened Linux deployment environment provisioning

Reporting Infrastructure

Tools generate structured engagement reports to ensure workflow maturity and seamless handoffs:

  • JSON (machine readable)
  • Markdown (analysis ready)
  • HTML (interactive operator report)

Chapter III · The Arsenal

Core Tool Ecosystem

Unified Red Team Operator Platform

grimoire

#c2-framework #red-team #session-pivoting #payload-generation #python

A modular post-exploitation command-and-control platform designed for session management, pivoting, and payload deployment.

Key Capabilities
  • TUI Operator Console
  • Pivot chain visualization
  • Dynamic payload generator
  • Encrypted communication channels

Zero-Friction File Sharing

hashit

#file-sharing #fastapi #privacy #docker #python

Drop a file, get an instant link. Fast, private, and lightweight file-sharing service powered by FastAPI.

Key Capabilities
  • Drag-and-drop web UI
  • Instant unique download links
  • Automatic file expiration
  • Self-hostable with Docker

Hardened Arch Linux Installer

kira-installer

#arch-linux #system-hardening #deployment-automation #bash #encryption

Automated interactive installer script to deploy a fully encrypted, secure, and ready-to-use Arch Linux environment for security operators.

Key Capabilities
  • Full LUKS2 Disk Encryption
  • Automated LVM configuration
  • Secure system defaults
  • Interactive TUI script

Async Network Recon Suite

LightScan

#network-security #async-scanner #recon #vulnerability-scanning #python

High-speed asynchronous network scanner designed to identify open ports, map subdomains, and detect services with minimal overhead.

Key Capabilities
  • Asynchronous TCP/UDP scanning
  • DNS zone transfer detection
  • Automated banner grabbing
  • CVE correlation engine

Offensive Security Toolset

ne0suite

#web-security #vulnerability-assessment #security-auditing #automation #python

A collaborative collection of automated offensive security scripts and tools targeting web application vulnerabilities and configuration audits.

Key Capabilities
  • Web vulnerability scanner
  • Security header analysis
  • SSL/TLS configuration checks
  • Automated audit reports

Website to Native Desktop App Wrapper

pico

#electron #app-wrapper #cli #desktop-app #nodejs

Command-line tool to turn any web application or website into a native, standalone desktop application for Windows, macOS, and Linux.

Key Capabilities
  • Native OS window wrapping
  • Supports offline caching
  • Custom app icon injection
  • Cross-platform support

DevSecOps Static Analysis

shadowci

#devsecops #static-analysis #vulnerability-detection #ci-cd-security #python

A security-focused continuous integration auditing framework designed to detect hardcoded credentials and library vulnerabilities in codebases.

Key Capabilities
  • Secret leak detection
  • Dependency vulnerability scanning
  • Static code analysis
  • Automated pipeline integration

Binary Analysis PE/ELF Parser

sigil

#binary-analysis #reverse-engineering #malware-analysis #rust #elf-parser

A high-performance static binary parser written in Rust for examining PE and ELF file formats, primarily tailored for malware analysis and anti-cheat research.

Key Capabilities
  • Static PE/ELF file parsing
  • Imports and Exports extraction
  • Entropy and section analysis
  • Anti-cheat mitigation research

Attack Surface Monitoring

wraith-net

#asset-mapping #risk-score #passive-recon #subdomain-discovery #python

Continuous attack surface discovery platform that maps external assets, identifies subdomains, and calculates risk scores.

Key Capabilities
  • Subdomain intelligence gathering
  • Service fingerprinting
  • Threat exposure mapping
  • Dynamic risk-scoring engine
FRAMEWORKS / 003
Chapter III · GRIMOIRE & KIRA

Sixteen vectors of autonomous exploitation.

GRIMOIRE handles complex payload generation while KIRA coordinates the execution matrix.

  • 01 / 16 · G-01 · INJECTION · 0x00400000 · Process Hollowing · Ring 3 · STABLE
  • 02 / 16 · G-02 · PATCH · 0x7FFA0000 · AMSI Bypass · Ring 3 · DYNAMIC
  • 03 / 16 · K-01 · AUTH · 0x00000000 · NTLM Relay · Network · STABLE
  • 04 / 16 · K-02 · TGS · 0x00000000 · Kerberoasting · Network · ACTIVE
  • 05 / 16 · G-03 · PRIVESC · 0xFFFFF800 · Token Impersonation · Ring 0 · STABLE
  • 06 / 16 · G-04 · API · 0x00000000 · Direct Syscalls · Ring 3 · DYNAMIC
  • 07 / 16 · K-03 · STEALTH · 0x00000000 · DNS Beaconing · Network · ACTIVE
  • 08 / 16 · K-04 · STEALTH · 0x00000000 · Domain Fronting · Network · ACTIVE
  • 09 / 16 · G-05 · INJECTION · 0x00000000 · Reflective DLL · Ring 3 · STABLE
  • 10 / 16 · K-05 · AD · 0x00000000 · BloodHound Ingest · Network · ACTIVE
  • 11 / 16 · G-06 · PATCH · 0x7FFA0000 · ETW Patching · Ring 3 · DYNAMIC
  • 12 / 16 · K-06 · LATERAL · 0x00000000 · DCOM Exec · Network · STABLE
  • 13 / 16 · G-07 · CREDENTIALS · 0x00000000 · LSASS Dump · Ring 3 · STABLE
  • 14 / 16 · K-07 · AUTH · 0x00000000 · SMB Relay · Network · STABLE
  • 15 / 16 · G-08 · PERSISTENCE · 0x00000000 · COM Hijacking · Ring 3 · STABLE
  • 16 / 16 · K-08 · LATERAL · 0x00000000 · WMI Exec · Network · STABLE

Chapter IV · The Knowledge Base

Technical Expertise

Languages

  • Python (primary)
  • Bash
  • C
  • C++
  • JavaScript

Domains

  • Attack surface intel
  • Async reconnaissance
  • Credential workflows
  • Pivot chain modeling
  • Payload automation

Systems

  • Linux (Arch-focused)
  • Networking fundamentals
  • CLI automation pipelines
  • TUI engineering

Current Research Focus

  • Operator workflow automation
  • Recon-to-pivot pipelines
  • Credential attack optimization
  • Modular red-team architecture

CONTACT / 005
Chapter V · Engagement

Initiate Black Box Analysis.

Secure your infrastructure before adversaries map it. I provide bespoke offensive security automation and advanced threat simulation.

Focus

  • Red team tooling
  • Security automation
  • Operator workflow platforms

Open To

  • Security research collaboration
  • Internships
  • Red-team engineering roles
ALIAS: Sujal (NEOK1RA)