
Organizations

@Cyberforce-Security @Black-Army-Security @Privmodel @WebRAD-Team @nichoplus-org

xn0kkx/README.md

Lucas Turossi · @xn0kkx

Security Engineer · DevSecOps · Exploit Dev

What I do

I operate and harden production systems, and I research how they break. Two halves of the same job.

  • 7+ years running Linux/Cloud production for Brazilian enterprise clients (Madero, OAB, Ingresso Digital at CentralServer): thousands of servers, 99%+ uptime, on-call rotation, automation-first.
  • Co-founder at Cyberforce Security building an AI-assisted pentesting platform with autonomous LLM agents (FastAPI + Kubernetes + LiteLLM + RAG + MCP).
  • Public exploit development: PoC for CVE-2017-14980 — full reversing, shellcode, mitigation.
  • AI tooling security research: proof-of-concept attacks on LLM coding assistant runtimes (ClaudeStealer).
  • Studying towards DCPT (DESEC NPP course active) · AWS Certified Cloud Practitioner.

Stack

linux aws kubernetes terraform ansible jenkins github actions grafana python bash c go fastapi postgresql redis nginx

Security tooling: Burp Suite · Metasploit · Nmap · Wireshark · ProjectDiscovery (subfinder/httpx/nuclei) · ffuf · BloodHound · Wazuh · SonarQube · Snyk

Methodologies: OWASP Top 10 · OWASP API Top 10 · MITRE ATT&CK · Cyber Kill Chain · Diamond Model · PortSwigger Academy

Featured Work

Security research & exploits

  • Exploit_Sync_Breeze CVE-2017-14980 — Public PoC: stack-based buffer overflow in Sync Breeze Enterprise 10.0.28 (/login username parameter). Reversing, shellcode, reproduction.
  • ClaudeStealer — Research on attack surface in LLM coding assistant runtimes.

Offensive tooling (where infra meets attack)

  • SSH_C2C — Command-and-control over SSH protocol, multi-host orchestration.
  • CNPJHarvest — Brazilian corporate OSINT pipeline.
  • ShinobiRecon — Reconnaissance automation.

Infrastructure & DevSecOps

  • SysAdmin-Toolkit — Linux automation for provisioning, hardening, monitoring.
  • terraform-security-baseline (publishing this week) · Hardened AWS baseline (IAM least-privilege, S3 SSE-KMS, CloudTrail, security groups, KMS rotation) with tfsec + checkov CI.
  • k8s-security-hardening (publishing this week) · Pod Security Standards, NetworkPolicies, OPA Gatekeeper, Falco rules, Cosign verification.

Studies & content

Contact

Email: lturossi at proton dot me · GitHub: @xn0kkx

Open to remote Security Engineer / DevSecOps / AppSec / AI Security roles · US/EU overlap · Brazil-based

Pinned

  1. ClaudeStealer Public

    C

  2. CVE-2026-31431_CopyFail_LinuxKernel_LPE Public

    Educational rewrite of the Copy Fail PoC (CVE-2026-31431) — Linux kernel LPE via algif_aead in-place crypto + splice() page-cache write

    Python 1

  3. Exploit_Sync_Breeze_v10.0.28_CVE-2017-14980 Public

    Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login.

    C

  4. nFTPBrute Public

    Simple brute force for FTP

    Python 7

  5. SysAdmin-Toolkit Public

    A collection of Shell scripts to automate common Linux system administration tasks. Ideal for sysadmins looking to save time, standardize operations, and maintain more secure and organized environm…

    Shell 2

  6. Black-Army-Security/blackarmy-framework Public

    Python 6