Open-Source

An open-source AWS training range for learning agentic AI security. Deploy a realistic AI agent, toggle six misconfigurations via Terraform, and run five attack scenarios covering prompt injection, RAG poisoning, data exfiltration, and a full kill chain.

After nearly a year of pentesting Salesforce orgs, I built aura-privesc: an open-source scanner that automates Aura/Lightning privilege escalation discovery. It finds exposed objects, tests CRUD permissions, probes Apex controllers, and generates interactive HTML reports with ready-to-use proof-of-concept commands.