Industrial & Network Security | Offensive Security Researcher
Focused on ICS/OT environments, attack path analysis, and resilient infrastructure design.
Building practical labs, custom tools, and security research projects.
- Industrial & OT Network Security
- Infrastructure & Network Architecture
- Offensive Security Research & Lab Simulations
- Attack Path & Lateral Movement Analysis
- Security Tool Development & Automation
-
Industrial & OT Network Security Wireshark, tcpdump, SCADA/PLC emulators, GNS3, Kali Linux
ICS/OT protocol analysis (Modbus, DNP3, BACnet), traffic inspection, anomaly detection, secure segmentation -
Infrastructure & Network Architecture GNS3, Packet Tracer, Nmap, Masscan
VLAN design, routing protocols, subnetting, network segmentation, firewall & ACL configuration, topology design -
Offensive Security Research & Lab Simulations Metasploit, Python/Bash scripting, Burp Suite, virtual lab setups (VMware/VirtualBox)
Lab design, vulnerability simulation, penetration methodology, exploit PoC development, adversary simulation -
Attack Path & Lateral Movement Analysis BloodHound, PowerView, Responder, CrackMapExec, Sysinternals Suite
Mapping attack paths, privilege escalation, lateral movement techniques, network reconnaissance, privilege auditing -
Security Tool Development & Automation Python, Bash, PowerShell, Git, GitHub Actions
Scripted automation, custom PoC tools, network scanning automation, log analysis, workflow optimization
Primary focus on hardware integrity and protocol-level analysis within Operational Technology.
- Guardian-OT — A hardware-aware forensic and integrity engine for ICS/OT removable media. Combines UUID fingerprinting, Merkle-tree style hashing, and entropy-based anomaly detection to secure the air-gap vector. Includes a full researcher dashboard for high-signal triage.
- MEA (Modbus Exposure Analyzer) — Passive Modbus traffic analysis tool that profiles device activity, evaluates behavioral risk using entropy and communication patterns, and helps identify exposed or misconfigured industrial assets.
Practical experiments and lab setups exploring constrained networking, application-layer pivots, and traffic analysis.
Labs & Experiments:
- GNS3 ICS/OT Security Emulation Lab — A fully isolated, reproducible industrial control systems (ICS) simulation sandbox featuring OpenPLC and Fuxa HMI, mapped using non-overlapping subnets to eliminate kernel routing conflicts.
- ICS/OT Home Lab — A multi-tier industrial control simulation platform bridging OpenPLC, FUXA, and Ignition Maker to analyze legacy Modbus/TCP vulnerabilities and execute supervisory-bypass payload injections.
- ADB Userspace VPN Pivot — Reverse tethering via ADB and SOCKS5h to route PC traffic through a mobile VPN without root or system modifications.
Each lab emphasizes reproducible methodology and security considerations.
- Arkoi — A cross-engine SEO poisoning detector for software downloads. Leverages an async SearXNG backend to audit search consensus, identify rank anomalies, and flag deceptive installer distribution vectors.
- SurfaceLens V2 — Modular Attack Surface Management (ASM) framework. Features a multi-provider intelligence pipeline (Shodan, Censys, LeakIX), SQLite persistence for delta tracking, and a Flask-powered tactical dashboard.
- PersonA-Vault — Secure, compartmentalized persona management system designed around operational separation, encrypted storage, and risk scoring.
- SurfaceLens — Passive attack surface & Shadow IT intelligence engine built on Shodan data. Supports online/offline analysis and explainable risk scoring.
- ContextLens v1 — Infrastructure and application-layer prioritization engine. Profiles abstraction layers and provides guided recommendations for assessments.
- HLS Stream Analyzer — HLS playlist analysis and stream reconstruction framework for security research and media forensics.
- GitHub: 404saint
- Website: rugerotesla.vercel.app
- HackerOne: 404saint
- Email:
[email protected]