Open-Source Tools

A modular external reconnaissance framework for attack surface enumeration. Combines passive DNS, certificate transparency, port scanning, and screenshot capture into a single, parallelised pipeline.

Cloud asset enumeration for AWS, Azure, and GCP. Identifies exposed storage buckets, publicly accessible services, and misconfigured IAM roles from an unauthenticated external perspective.

Active Directory attack path visualisation. Queries BloodHound data and generates prioritised attack path reports highlighting the shortest route to domain compromise.

An API security fuzzing framework built for modern REST and GraphQL APIs. Supports OpenAPI specification ingestion, smart payload generation, and BOLA/BFLA detection heuristics.