Projects
OSS work at ProjectDiscovery — Nuclei, Alterx, and the rest of the toolkit — plus AI-security research and the tools that got him hired.
projectdiscovery oss
Nuclei
Fast, customizable vulnerability scanner built on a YAML template DSL. 7th all-time contributor (175 contributions) on a flat core team — authored the v3 Go SDK (#4104, ~10 lines to integrate), proposed multi-protocol template execution, and co-developed the JavaScript scripting engine (goja, #4109 — 8,616 lines across 124 files, 15+ protocol libraries: SSH, MySQL, Redis, LDAP, SMB, Postgres) and flow. Later drove v3.2's fuzzing, authenticated scanning (-secret-file, OAuth) and ECDSA template signing, plus a 40–70% scan-speed improvement (#5148).
go · ~29k★ · core maintainer
Alterx
Pattern/DSL-based subdomain permutation generator: define a small grammar of custom patterns instead of a static wordlist, and it expands them into candidate hostnames for active enumeration ahead of a scan.
go · ~940★ · author
Subfinder, Katana, httpx, tlsx, Cloudlist, Cvemap
Continued contributions across ProjectDiscovery's OSS toolkit: SARIF output, AWS SigV4 support, and the PDCP dashboard in httpx; OpenSSL/OCSP handling and cipher detection in tlsx; new sources and wildcard-certificate detection in Subfinder.
go · katana ~16.4k★ · tlsx ~1,087★
ai-security research
Neo — evals & benchmarking
ProjectDiscovery's offensive-security AI agent. Works on the run-level harness, annotation and evals at scale, and trace-level observability that show what Neo actually did on a target — not just whether it succeeded. Published: 85% (51/60) on Argus under a hardened black-box methodology, and a 189-run behavioral audit of offensive-security LLM runs, to be presented at BSides Las Vegas 2026.
neo · 85% (51/60) argus · 189 runs audited
earlier tools
Talosplus
Template-based recon-automation framework in Go: annotates plain bash scripts (@vars, #modules) into a Go-managed parallel execution graph, with MongoDB/BBoltDB persistence, Discord notifications, and stop/resume for long-running scans. Taught him the most Go of anything he'd built — one of the two tools that got him hired at ProjectDiscovery.
go · ~92★ · last commit mar 2023
Sandman
Note-taking and target-tracking GUI for pentesters, written in Go and wired into his recon pipeline so findings from Talosplus runs landed somewhere structured. Built to learn the language — the other tool that got him hired.
go · ~42★ · archived