Skip to content
View xtofuub's full-sized avatar
💭
meowing
💭
meowing
3 followers · 9 following

Highlights

  • Pro

Block or report xtofuub

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
xtofuub/README.md

xtofuub banner

Typing SVG

Portfolio

whoami

┌──(edwin㉿kali)-[~]
└─$ whoami

  name      →  Edwin
  role      →  Cybersecurity Specialist Jr
  focus     →  Security  /  Full Stack Dev  /  Reverse Engineering

  security  →  web pentesting, OSINT, CTI, malware analysis workflows
  rev_eng   →  reverse engineering, iOS app analysis, Frida instrumentation
  building  →  if something doesn't exist and I need it, I build it
  stack     →  TypeScript, React, Next.js, Node.js, Python, PowerShell, PHP
  tools     →  Kali, Burp Suite, Nmap, Wireshark, Frida, Triage, Shodan, Maltego
  vibe      →  "learn by breaking, build by doing"

┌──(edwin㉿kali)-[~]
└─$ █

current_focus

class Edwin:
    def __init__(self):
        self.currently_learning = [
            "Reverse Engineering",
            "Malware analysis + CTI reporting",
            "iOS pentesting with Frida",
            "Python scripting + tooling",
            "PowerShell automation",
            "Linux and Windows internals",
            "Web app security",
            "Full-stack security products"
        ]
        self.currently_building = [
            "Security tools",
            "AI-assisted analysis workflows",
            "Full stack web apps",
            "Browser extensions",
            "Internal dashboards and security UIs",
            "Random stuff that seems useful"
        ]
        self.vibe = "learn by breaking, build by doing"

tech_stack

Languages

Python TypeScript JavaScript PowerShell PHP SQL HTML5 CSS3 Bash

Frontend, Backend & Product UI

React Next.js Node.js Flask Tailwind CSS shadcn/ui Framer Motion Chrome Extensions

Cybersecurity, Malware Analysis & CTI

Kali Linux Burp Suite Nmap Wireshark Metasploit Frida Ghidra YARA Triage VirusTotal Shodan Maltego OSINT TryHackMe

Systems, Cloud & Infrastructure

Linux Windows iOS Azure Active Directory Google Cloud Supabase Vercel MySQL Docker VirtualBox Git

featured_projects

Public repositories with real project descriptions.

🔴 Offensive Security & Red Team
Project Description Tech
RavenC2 PowerShell-based remote control tool for managing a Windows machine via Telegram, intended for learning, automation experiments, and authorized remote administration PowerShell
PacketStorm Semi-automated Python deauther for Kali Linux lab environments Python Kali Linux
PS-CredentialPhisher PowerShell utility for testing Windows CredUI behavior and UAC prompt simulations in controlled environments PowerShell
mailsploit Security-focused email testing platform for analyzing spoofing behavior, SPF, and DMARC in defensive contexts Python
SpoofMail Modern responsive email security testing UI with file attachment support, previews, and smooth animations PHP HTML CSS JS
wilma-phish Wilma login clone made for authorized awareness and security testing demonstrations HTML
🧠 Malware Analysis, Reverse Engineering & iOS Research
Project Description Tech
Sentinel-VOIP Reverse-engineering research around VoIP app behavior using dynamic iOS runtime analysis JavaScript iOS Frida
PysilonDecoder Python tool for analyzing and decoding Pysilon-related malware artifacts and payload structure Python
Hashtrace Chromium extension that highlights cryptographic hashes on web pages and checks VirusTotal reputation inline JavaScript VirusTotal
REVios-AI AI-assisted iOS reverse engineering and jailbreak analysis workspace concept TypeScript AI iOS
ios-jailbreak-ssh-mcp MCP-style bridge concept for interacting with jailbroken iOS files over SSH in authorized environments TypeScript SSH MCP
Melani-AI⭐ Concept landing page for an AI-native reverse engineering workspace for binary and malware analysis Landing Page AI
🌐 Web Tools, Dashboards & Full Stack Development
Project Description Tech
RevOps-Dashboard Weekly RevOps metric tracking dashboard with analytics, critical signal detection, and executive summaries TypeScript Next.js Supabase
fitsec-focus-coach Internal employee management platform for FitSec for monitoring work sessions, break times, and productivity TypeScript
fitsec-usbguard USBGuard UI revamp with Framer-style motion, liquid glass effects, and a polished security-themed interface TypeScript UI
SMBitan Dark-themed web UI for browsing, searching, and previewing files on SMB/UNC network shares JavaScript Python Flask
Solveify Browser extension that uses the Gemini API to analyze highlighted questions and generate answers JavaScript Browser Extension
NyxRepost Advanced TikTok repost analytics dashboard with charts, word clouds, creator stats, and profile comparison HTML JS
xtofuub.github.io Personal portfolio website HTML CSS JS
📚 Research & Resources
Project Description Tech
Cyber-Resources Curated collection of cybersecurity, OSINT, malware analysis, reconnaissance, and threat intelligence resources Docs

stats

GitHub Streak

TryHackMe Badge

contribution_grid

Snake animation

Pinned Loading

  1. mailsploit mailsploit Public

    Forked from Triotion/email-spoofing

    A security-focused platform for email that demonstrates advanced spoofing techniques while analyzing domain authentication protocols such as SPF and DMARC. Designed for defensive testing and securi…

    Python 2

  2. RavenC2 RavenC2 Public

    A PowerShell-based remote control tool for managing a Windows machine via Telegram, intended for learning, automation experiments, and authorized remote administration.

    PowerShell 1

  3. ios-files-mcp ios-files-mcp Public

    A local MCP server that lets AI clients safely read and write files on jailbroken iOS devices over SSH/SFTP.

    TypeScript

  4. Hashtrace Hashtrace Public

    Hashtrace is a lightweight Chromium extension for cybersecurity researchers. It highlights cryptographic hashes on web pages and fetches their VirusTotal reputation, all in a sleek, user-friendly …

    JavaScript

  5. Cyber-Resources Cyber-Resources Public

    A curated collection of cybersecurity, OSINT, malware analysis, reconnaissance, and threat-intel resources that I personally use for research, learning, and testing. (TOO LAZY TO UPDATE)

  6. SMBitan SMBitan Public

    SMBitan - A network file browser. Browse, search, and preview files on SMB/UNC shares with a dark-themed web UI.

    JavaScript 1