I'm ExploitCraft β a 13-year-old self-taught developer from Bangladesh building open-source security tools. Started from zero, learned by doing, and shipped real projects with proper tests, documentation, and CI/CD.
- π Currently building the ExploitCraft security toolkit
- π± Learning penetration testing, network security, and Next.js
- π― 2026 Goal: grow ExploitCraft into a recognized open-source security org
- β‘ Fun fact: Googled my way to shipping 533-test Python frameworks at 13
π ReconNinja β v7.1.0
21-phase automated recon framework β subdomain enum, port scanning (RustScan/Masscan/Nmap), web discovery (httpx/Nikto/Nuclei), CVE lookup, AI threat analysis, plugin system, resume support, dark-mode HTML reports. 533 tests Β· Python Β· MIT
πΎ VaultHound β v1.0.0
Secret & credential scanner β URL mode, directory mode, git history mode. 43 detection patterns covering AWS, GCP, GitHub, Stripe, OpenAI, Anthropic, Slack, private keys, JWT, DB strings. Entropy-based false positive filtering. Python Β· MIT
π envleaks β v1.1.0
Secret & credential scanner for codebases, git history, and Docker images. 60+ detection patterns covering AWS, GitHub, OpenAI, Anthropic, Stripe, Slack, private keys, JWT, DB strings. SARIF output for GitHub Advanced Security. CI/CD pipeline mode. Python Β· MIT
π‘ wifi-passview β v1.1.1
Cross-platform CLI to dump saved WiFi credentials in one command. Linux (NetworkManager, wpa_supplicant, iwd), Windows (netsh), macOS (Keychain). Terminal, JSON, and CSV output. Redact mode for safe screenshots. Python Β· MIT
π― gitdork β v1.1.0
Google, Shodan, and GitHub dork generator. Feed it a repo URL or domain β get ready-to-use dork queries targeting exposed secrets, sensitive files, open directories, and misconfigs. Built for pentesters and bug bounty hunters. Python Β· MIT
