Welcome to my GitHub profile! I'm a cybersecurity enthusiast and offensive security developer with a passion for network protocols and low-level systems programming. I enjoy exploring the intricacies of digital systems, contributing to open-source projects, and developing tools that enhance security research.
- Offensive Security Development: Crafting tools and exploits to assess and improve system security.
- Network Protocols: Deep understanding of protocols like SMB, LDAP, Kerberos, and Netlogon.
- Reverse Engineering: Analyzing binaries and systems to understand their inner workings.
- Open-Source Contribution: Active contributor to projects like Impacket and Metasploit Framework.
- Contributed to the development and enhancement of payloads and modules, focusing on expanding the framework's capabilities in penetration testing and exploit development.
- Contributed to the Mettle payload, improving cross-platform capabilities and adding low-level features to support advanced post-exploitation tasks.
- `net.py` Script: Developed a Python script that emulates the Windows `net` command, enabling remote user and group management via the SAMR protocol. This tool enhances the capabilities of security professionals in managing and auditing Windows environments.
- `eventlog.py` Script: Developed a Python script enabling remote clearing and exporting of specific Windows Event Log channels, facilitating efficient log management and analysis across networked systems.
- `dumpntlminfo.py` Tool: Developed a script to extract NTLM authentication negotiation details from remote hosts without requiring credentials. Focused on SMB protocols (1/2/3), it utilizes custom classes based on SMBConnection to access information not exposed in standard responses—such as dialect version, signing options, maximum SMB request size, and server time details. The tool also reports server boot time when available, aiding in passive network reconnaissance.
- Developed a series of vulnerable labs as part of the OWASP Security Knowledge Framework (SKF) to demonstrate real-world web application security issues using Flask. These labs help developers and security professionals learn secure coding practices through hands-on, practical examples.
- Metasploit Framework: A comprehensive platform for developing, testing, and executing exploits.
- Impacket: A collection of Python classes for working with network protocols, essential for crafting custom network tools and exploits.
- skf-flask: This project is designed for hands-on learning of web vulnerabilities and secure coding practices, making it valuable for both security training and tool testing.
- GitHub: NtAlexio2
- X (Twitter): @NtAlexio2
- Website: ntalexio2.github.io
Feel free to connect or reach out if you're interested in collaboration or discussions related to cybersecurity, open-source development, or network protocols!