Skip to content
View byoniq's full-sized avatar
6 followers · 7 following

Block or report byoniq

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
byoniq/README.md

Typing SVG

πŸ’« About Me

I help Fortune 500 companies build Autonomous Security Programs and AI Red Teams. 20+ years in offensive and defensive security β€” from hands-on red team ops to vCISO engagements across regulated industries.

My GitHub is where I document the work: AI attack tooling, red team playbooks, cloud pentest methodology, and bug bounty systems. If it's offensive, automated, or AI-native, it's probably here.

πŸ”­ Currently working on AI-native security orchestration β€” autonomous red-team & OSINT-graph workflows (Claude Code + MCP servers like Shodan, Metasploit, Nuclei + Flowsint for visual entity investigations) that find and validate vulnerabilities at scale

πŸ‘― Looking to collaborate with AI security researchers, bug bounty hunters, red teamers, and anyone building on top of agentic AI for offensive security

🀝 Looking for help with Go tooling for recon automation, my first zero day, CVE and custom nuclei template development

🌱 Currently learning agentic AI attack surfaces, LLM jailbreak chains, and adversarial ML β€” alongside AI/ML coursework at MIT Sloan

πŸ’¬ Ask me about AI red teaming, bug bounty methodology, AWS privilege escalation, vCISO program builds, or how to run a white-box pentest at scale for under $2k

πŸ“« Reach me at sentinelsec.ai or @aladdinelston on Twitter

⚑ Fun fact: I recently ran 100 AI-powered white-box pentests across repos and found 4000 Critical/High vulnerabilities β€” including RCE, cross-tenant IDOR exposing bank PII, and committed AWS keys in production. A traditional firm would have billed $2M for the same scope.

🌐 Socials

Twitter LinkedIn Website

πŸš€ Featured Projects

Project What it is
Shannon Autonomous white-box AI pentester β€” analyzes source, executes real exploits
HexStrike-AI MCP server giving AI agents 150+ offensive-security tools
Flowsint Visual graph-based OSINT investigation platform
Personal AI Infrastructure Agentic AI infra for magnifying human capability
SecondBrain Research OS β€” DeepScientist + Obsidian synthesis
AI-Redteaming Curated LLM/AI attack tooling β€” prompt injection, jailbreaks, agentic threats
jsleaks Zero-dependency scanner for API keys & secrets in JS

πŸ’» Tech Stack

πŸ“Š GitHub Stats

πŸ“ˆ Contribution Graph

Activity Graph

πŸ† GitHub Trophies

✍️ Random Dev Quote

β˜• Support My Work

Buy Me a Coffee

Pinned Loading

  1. byoniq byoniq Public

    Security Researcher Β· vCISO Β· AI Red Team Operator

  2. RedTeaming-Tools RedTeaming-Tools Public

    This repository provides a comprehensive list of tools commonly used in red teaming operations, penetration testing, and offensive security exercises. The goal is to offer a centralized resource fo…

    3 1

  3. BugBountyMethod BugBountyMethod Public

    Personal bug bounty methodology: recon, API testing, auth bypass, IDOR, input handling β€” with tool-linked checklists

    3 1

  4. AI-Redteaming AI-Redteaming Public

    Curated LLM/AI attack tools β€” prompt injection, jailbreaks, agentic threats, adversarial ML, MCP attack surface

    6 4

  5. Redteam-Runbook Redteam-Runbook Public

    MITRE ATT&CK-mapped red team engagement playbook β€” TIBER-EU, CBEST, C2, AD/Entra ID, EDR evasion, purple ops

  6. Security-Resources Security-Resources Public

    Curated offensive security tools and references β€” AD, web app, cloud, containers, C2, exploit dev, OSINT

    Shell 1