🎓 CSIE Student | 💻 Cybersecurity & Network Defense Researcher

Hi — I’m Gao En-Zai, a CSIE student researching offensive-to-defensive cybersecurity, including reproducible lab environments, C2 behavior analysis, and anonymity automation.
I build hands-on educational labs using Kali Linux and VirtualBox to help defenders detect, analyze, and mitigate common attack patterns.

“The RB19 performs average in every aspect — and that’s what makes it great.” — Pierre Waché

A hands-on lab demonstrating how reverse shells and backdoors work from an attacker’s view, enabling defenders to study detection and mitigation using Kali Linux.

Quick Start:

1. Clone the repo
2. Run setup_lab.sh in your VM
3. Follow the guide for each lab stage

• Ethical penetration testing & red-team simulation
• Reverse shell exploitation and defense validation
• Automated anonymity (Tor + SOCKS5 + obfs4)
• Command-and-Control (C2) detection & behavior analysis
• Secure coding and vulnerability patching (RailsGoat project)

All repositories and demonstrations are for educational and authorized research use only.
Never use these tools against systems you do not own or lack permission to test.
Misuse is illegal and unethical.

Python · Bash · Linux (Kali, Debian, Parrot) · VirtualBox
Wireshark · GStreamer · dnsmasq · Tor · Apache2
fail2ban · auditd · Tripwire · Rails

• Build a full educational cybersecurity series combining offense, defense, and anonymity
• Publish open-source ethical hacking lab tutorials
• Expand Tor-based IP rotation automation with ML-based traffic analysis

• C2 Architecture Simulation — Python socket-based client/server for detection training
• Ghost Mode 3 — Automated Tor ControlPort IP rotation tool for anonymity research
• RailsGoat Patch Analysis — OWASP Top 10 web exploitation & defense demonstration
• Fake Wi-Fi Simulation — Legal phishing lab using airbase-ng, dnsmasq, and Apache2 to demonstrate fake hotspot risks and promote user awareness training.

Other (text listed): v4l-utils, scrot, auditd, lsof, syslog, netcat (nc), wget, bash, fail2ban, Tripwire, iptables, Logwatch, grep, diff, tail, Stem (Tor controller), obfs4proxy, dnsmasq, airbase-ng, post.php, logs.txt, USB wireless NIC (monitor/AP mode), Aircrack-ng

📍 Hsinchu, Taiwan
📧 [email protected]
🔗 Google Drive Portfolio
🐙 GitHub @heinricitorgau

All repositories are released under the MIT License.

Contributions are welcome! Please follow standard open-source etiquette when submitting issues or pull requests.

🎀 Contributions, 🔥 issues, and 🥮 feature requests are most welcome!

💙 If you like my projects, Give them ⭐ and Share it with friends!