tarun koyalwar

Projects

OSS work at ProjectDiscovery — Nuclei, Alterx, and the rest of the toolkit — plus AI-security research and the tools that got him hired.

projectdiscovery oss

Nuclei

Fast, customizable vulnerability scanner built on a YAML template DSL. 7th all-time contributor (175 contributions) on a flat core team — authored the v3 Go SDK (#4104, ~10 lines to integrate), proposed multi-protocol template execution, and co-developed the JavaScript scripting engine (goja, #4109 — 8,616 lines across 124 files, 15+ protocol libraries: SSH, MySQL, Redis, LDAP, SMB, Postgres) and flow. Later drove v3.2's fuzzing, authenticated scanning (-secret-file, OAuth) and ECDSA template signing, plus a 40–70% scan-speed improvement (#5148).

go · ~29k★ · core maintainer

Alterx

Pattern/DSL-based subdomain permutation generator: define a small grammar of custom patterns instead of a static wordlist, and it expands them into candidate hostnames for active enumeration ahead of a scan.

go · ~940★ · author

Subfinder, Katana, httpx, tlsx, Cloudlist, Cvemap

Continued contributions across ProjectDiscovery's OSS toolkit: SARIF output, AWS SigV4 support, and the PDCP dashboard in httpx; OpenSSL/OCSP handling and cipher detection in tlsx; new sources and wildcard-certificate detection in Subfinder.

go · katana ~16.4k★ · tlsx ~1,087★

ai-security research

Neo — evals & benchmarking

PD's offensive-security AI agent. Works on the run-level harness, annotation and evals at scale, and trace-level observability that show what Neo actually did on a target — not just whether it succeeded. Published: 85% (51/60) on Argus under a hardened black-box methodology, and a 189-run behavioral audit of offensive-security LLM runs, to be presented at BSides Las Vegas 2026.

neo · 85% (51/60) argus · 189 runs audited

earlier tools

Talosplus

Template-based recon-automation framework in Go: annotates plain bash scripts (@vars, #modules) into a Go-managed parallel execution graph, with MongoDB/BBoltDB persistence, Discord notifications, and stop/resume for long-running scans. Taught him the most Go of anything he'd built — one of the two tools that got him hired at ProjectDiscovery.

go · ~92★ · last commit mar 2023

Sandman

Note-taking and target-tracking GUI for pentesters, written in Go and wired into his recon pipeline so findings from Talosplus runs landed somewhere structured. Built to learn the language — the other tool that got him hired.

go · ~42★ · archived