Open-source log correlation engine for security professionals. Parses output from 9 industry-standard tools, maps events to the MITRE ATT&CK framework, assigns detection risk scores (0.0–1.0), and exports structured rule sets. 96 automated tests. CI/CD pipeline via GitHub Actions.
View on GitHubShikhali Jamalzade
Who's behind the prompt.
Certifications & roadmap.
Seven earned across INE, CyberWarFare Labs, and The SecOps Group, with a clear path toward CWES, CPTS, OSCP, and CRTO.
Earned 7 / 7
Roadmap In progress
Tools built from real gaps.
Every tool here was born from a problem encountered during real security work.
AI-powered security reconnaissance tool. Performs web fingerprinting, WAF detection, subdomain enumeration, CVE correlation against detected technologies, CDN bypass, email harvesting, and generates structured HTML reports. Integrates with the Claude AI API. 189+ tests passing.
View on GitHubReal-browser XSS vulnerability scanner built on Playwright. Detects reflected, stored, and DOM-based injection. Uses AI-assisted payload generation for filter bypass. Headless Chrome execution catches issues that proxy-based tools miss. Ships as a global CLI tool with CVSS scoring.
View on GitHubMulti-threaded clickjacking vulnerability scanner. Analyzes security headers (X-Frame-Options, Content Security Policy), supports bulk target input, and generates professional HTML reports ready for client delivery.
View on GitHubOffline LinPEAS/WinPEAS output parser that generates copy-paste privilege escalation commands for CTF and pentest work. Rule-based, no dependencies. GTFOBins coverage across 426 binaries. 219+ automated tests across 15 Linux modules.
View on GitHubThe toolkit.
// Security Research
// Tools & Platforms
// Development
Experience.
- Independent vulnerability research targeting WordPress plugins. Multiple independently discovered n-day findings across production plugins. Active responsible disclosure pipeline — vendor contact, Docker-based PoC verification, coordinated reporting via WPScan.
- AI-powered SOC Platform (Next.js/Supabase): Privilege escalation via signup metadata manipulation to admin role, tenant isolation bypass allowing cross-tenant data access, session hijacking via JWT misconfiguration. Complete attack chain documented.
- Real Estate CRM (Supabase backend): IDOR vulnerabilities across tenant boundaries exposing sensitive client data, broken object-level authorization in property listing endpoints.
- Firebase API key exploitation — confirmed and acknowledged on Intigriti.
- Ongoing web application and API security research across multiple bug bounty programs.
- HackTheBox: Archetype (SMB enumeration → MSSQL xp_cmdshell → credential reuse), Silentium (Flowise SSRF → internal API → RCE), and multiple active machines.
- TryHackMe: Attacktive Directory (AS-REP Roasting → Kerberoasting → DCSync → full domain compromise), Olympus (Victor CMS SQLi + unrestricted file upload → RCE), Year of the Rabbit, Startup, Lookup, Wonderland, Overpass, Corridor (IDOR), Bounty Hacker, Biohazard, Break Out The Cage, Checkmate — all with published writeups.
- VulnHub: sunset:twilight, sunset:dawn, Shenron:1, Warzone:3 Exogen, chatME — full methodology walkthroughs published on Medium.
- Built and published five open-source offensive security tools: RedSEC (log correlation engine), GOD'S EYE (AI recon orchestrator), XSSSlayer (real-browser XSS scanner), CJ-Scanner (clickjacking scanner), ReadPEAS (LinPEAS/WinPEAS output parser).
- RedSEC recognized by Risto Vaarandi (TalTech professor, creator of the SEC framework) and Clayton Dukes (CEO, LogZilla) — led to a direct Zoom call about potential integration.
- Technical author on Medium under Infosec Write-ups publication — certification reviews (eJPTv2, CRTA, Web-RTA), machine writeups, and real attack methodology breakdowns.
- GitHub security audit of all public repositories — confirmed zero exposed credentials or API keys across GOD-S-EYE, XSSSlayer, CJ-Scanner, RedSEC.
Open to collaborations, opportunities, and interesting problems.
Whether you want to collaborate on a research project, discuss security topics, or explore opportunities — reach out. Response within 24 hours.