Ruby570bocadito/README.md

About Me

Cybersecurity developer specializing in offensive security tooling — building the complete attack chain from reconnaissance to command & control. Focused on kernel-level rootkits, C2 frameworks, privilege escalation engines, and AI-assisted pentesting operations.

name: Ruby
location: Málaga, Spain
focus: Offensive Security & Red Team Tooling
languages:
  - Go
  - Python
  - C
  - Bash
interests:
  - Kernel Rootkits
  - C2 Development
  - Privilege Escalation
  - AI/ML Security
  - Adversarial ML
education:
  - Cisco NetAcad: Ethical Hacker
  - Cisco Academy: Python, Networking, Linux
  - Cambridge: B1 English
status: Open to cybersecurity opportunities

🎯 Featured Projects

| Project | Description | Tech | Status |
| --- | --- | --- | --- |
| Vault-Kernel | Linux LKM kernel rootkit — syscall hooking, process/file/port hiding, kernel keylogger, self-hiding capabilities | C Go | 🟢 Active |
| Rise-Privilege | Linux privilege escalation auto-exploiter — 10+ scanners, 60+ GTFOBins offline DB, auto-root via SUID/sudo/cron/Docker | Go | 🟢 Active |
| Pulse-C2 | Post-exploitation C2 framework — X25519 + XChaCha20-Poly1305, AV evasion, SOCKS5 proxy, 7 modules | Go Vue 3 | 🟢 Active |
| Wormy-ML-Network-Worm | ML-powered polymorphic network worm — dynamic encryption, multi-vector propagation, adversarial ML evasion | Python | 🟢 Active |
| Specter-Terminal | Offline AI-powered offensive security terminal — Ollama integration, sandboxed execution | Python | 🔄 Renamed |
| Horizon-Intel | Attack surface recon platform — DNS, certs, GitHub/Google dorking, NVD, web dashboard, MITRE mapping | Python | 🟢 Active |
| Apex-Automation | Autonomous pentesting assistant — Ollama-powered LLM agent with modular tool harness | Python | 🟢 Active |
| Link-Relay | Post-exploitation C2 relay — multi-protocol implant communication, YOLO object detection module | Python | 🟢 Active |
| Titan-Operations | Red team operations framework — modular plugin system, campaign management, Go-powered CI | Go | 🟢 Active |
| BlueForge-Suite | Blue team defensive toolkit — detection engines, log analysis, threat intel aggregation | CI Python | 🟢 Active |
| Breach-Entry | Zero-day exploit research — CVE-2026-XXXX: apport ExecutablePath spoofing on Ubuntu 24.04 LTS | C Python | 🔬 Research |

📂 Complete Repository Map

🔐 Kernel & Low-Level

| Repository | Description | Language |
| --- | --- | --- |
| Vault-Kernel | Linux LKM kernel rootkit — syscall hooking, process hiding, keylogger | C, Go |

⚔️ C2 & Post-Exploitation

| Repository | Description | Language |
| --- | --- | --- |
| Pulse-C2 | Post-exploitation C2 framework with encryption, SOCKS5, AV evasion | Go, Vue 3 |
| Link-Relay | Post-exploitation C2 relay with multi-protocol implant support | Python |

🦠 Malware & Research

| Repository | Description | Language |
| --- | --- | --- |
| Wormy-ML-Network-Worm | ML-powered polymorphic worm with adversarial evasion | Python |
| Breach-Entry | CVE-2026-XXXX: Ubuntu apport zero-day LPE research | C, Python |

🔍 Reconnaissance & OSINT

| Repository | Description | Language |
| --- | --- | --- |
| Horizon-Intel | Attack surface recon — DNS, dorking, NVD, dashboard | Python |
| Apex-Automation | Autonomous Ollama-powered pentesting assistant | Python |

🚀 Privilege Escalation

| Repository | Description | Language |
| --- | --- | --- |
| Rise-Privilege | Linux auto-privesc with 60+ GTFOBins offline DB | Go |

🛡️ Blue Team & Defense

| Repository | Description | Language |
| --- | --- | --- |
| BlueForge-Suite | Detection engines, log analysis, threat intel | Python |
| Titan-Operations | Red team operations & campaign management | Go |

🤖 AI & Automation

| Repository | Description | Language |
| --- | --- | --- |
| Specter-Terminal | Offline AI offensive security assistant | Python |
| Forge-AI | Ollama-powered AI interface | Python |
| Motion-Control | ML-based gesture control system | Python |

📚 Knowledge & Training

| Repository | Description | Language |
| --- | --- | --- |
| Vault-Knowledge | Curated pentesting knowledge base | Markdown |
| Arena-CTF | CTF challenge platform | Various |

🛠️ Tech Stack

pentesting tools

Hydra · John · Hashcat · SQLMap · Ghidra · GDB · Strace · Tcpdump · Aircrack-ng · Impacket · BloodHound · Cobalt Strike · Sliver · Mimikatz · CrackMapExec · Responder · Netcat · Socat · Radare2 · Frida · Burp Suite · Nmap · Wireshark · Metasploit



Pinned

  1. Wormy-ML-Network-Worm (Public)

    ML-powered polymorphic network worm — self-replicating payload with dynamic encryption, multi-vector propagation, and adversarial evasion.

    Python 3 2

  2. Specter-Terminal (Public)

    Offline AI-powered offensive security terminal — 100% air-gapped pentesting assistant with local LLM (Ollama), sandboxed execution, and real-time guidance.

    Python

  3. Motion-Control (Public)

    Gesture-based computer control powered by machine learning — cursor movement, click, typing, and full PC control using hand gestures via MediaPipe.

    Python

  4. Apex-Automation (Public)

    AI-assisted penetration testing automation — ML-driven vulnerability discovery and exploitation workflow with intelligent decision making.

    Python

  5. Alpaca-Trading-ML (Public)

    Python

  6. Rise-Privilege (Public)

    Automated Linux privilege escalation suite — 10+ scanners, 60+ GTFOBins database, auto-root via SUID/sudo/cron/Docker. Zero dependencies.

    Go