My Tools

Overview

This repository showcases my personal projects, ranging from advanced AI-driven security systems to network utilities and learning resources.

Note on Commit History: Some of my older repositories may lack verbose commit messages. I have significantly improved my version control practices in my newer projects (see Revenix). Thank you for understanding!

---

Flagship Project

Revenix: Self-Healing AI Firewall

• Repository: https://github.com/so1icitx/Revenix

• Purpose: A next-generation Intrusion Prevention System (IPS) that uses ensemble Machine Learning to detect and block zero-day network anomalies in real-time, moving beyond static firewall rules.

• Architecture:

  • Sensor (Rust): High-performance packet capture and flow grouping.
  • Buffer (Redis): Prevents bottlenecks between the sensor and the AI brain.
  • Brain (Python/PostgreSQL): Processes flows through ML models and manages the database.
  • Dashboard (Next.js): Web interface for real-time visualization, geolocation mapping, and manual control.

• Key Features:

  • Ensemble ML Voting: Utilizes 5 distinct models to score traffic risk. A weighted average (with AutoEncoders holding the highest weight) determines if a packet is malicious.
  • Specific Models:
    • Isolation Forest: Detects anomalies based on how easily a data point can be isolated.
    • AutoEncoder: Neural network that flags high "Reconstruction Errors" as anomalies.
    • BaselineTracker & DeviceProfiler: Learns normal behavior per device (e.g., a server vs. a printer).
    • SequenceDetector: Monitors the last 100 flows to catch multi-stage attacks.
  • Automated Response: Automatically blocks high-risk IPs (>95% confidence) and utilizes a "Three Strikes" rule for medium risks.
  • Smart Whitelisting: High-confidence legitimate traffic bypasses the ML engine to save resources.

---

Work in Progress

so1_shell: Custom Shell Implementation

• Repository: https://github.com/so1icitx/so1_shell
• Purpose: A lightweight command-line interface designed to replicate core functionalities of shells like Bash or Zsh.
• Features:
  • Basic command execution and process handling.
  • Custom prompt configuration.
  • Status: Active development (adding piping and redirection).

---

Security & Network Tools

so1dump: Packet Sniffer

• Repository: https://github.com/so1icitx/packet_sniffer
• Purpose: Captures and analyzes network packets (TCP, UDP, ICMP) to inspect traffic flow.
• Features:
  • Parses critical details: Source/Dest IPs, ports, and flags.
  • Integration: AbuseIPDB for IP reputation checks.
  • Export: JSON, CSV, or Text output.
• Use Case: Network debugging and analyzing traffic patterns.

so1map: Port Scanner

• Repository: https://github.com/so1icitx/so1map
• Purpose: Rapidly scans IPs or subnets to identify open ports and services.
• Features:
  • Multi-threaded: High-speed scanning for single IPs or CIDR subnets.
  • Stealth: Quiet mode available for logging without console noise.
• Use Case: Initial reconnaissance and network inventory.

so1scan: Domain Reconnaissance

• Repository: https://github.com/so1icitx/so1scan
• Purpose: Automated reconnaissance tool for gathering domain intelligence.
• Features:
  • Analysis: Checks security headers (CSP, HSTS) with risk feedback.
  • Intel: Fetches WHOIS data and VirusTotal reputation scores.
• Use Case: Assessing website configurations for security gaps.

so1fuzz: Web Directory Enumeration

• Repository: https://github.com/so1icitx/so1fuzz
• Purpose: Discovers hidden directories and files by fuzzing target URLs.
• Features:
  • Smart Filtering: Ignores 404s and filters by response size.
  • Performance: Multi-threaded execution.
• Use Case: Finding sensitive endpoints (e.g., /admin, /backup).

ARP Spoofer

• Repository: https://github.com/so1icitx/so1icitx-arp-spoofer
• Purpose: Performs ARP spoofing to intercept traffic on a local network.
• Features: Redirects traffic through your machine for inspection.

MAC Spoofer

• Repository: https://github.com/so1icitx/macso1i
• Purpose: Modifies the network interface MAC address.
• Features: Simple, temporary identity modification for anonymity.

Hash Identifier

• Repository: https://github.com/so1icitx/so1-hash-identifier
• Purpose: Identifies hash algorithms based on string patterns.

Network Scanner

• Repository: https://github.com/so1icitx/so1ic-network-scanner
• Purpose: General purpose discovery of live hosts and services using Ping/ARP.

---

Knowledge Base

Hacking Notes

• Repository: https://github.com/so1icitx/Hacking-Notes
• Purpose: A personal collection of cheat sheets, methodologies, and notes on various cybersecurity topics.

CTF Write-ups

• Repository: https://github.com/so1icitx/CTF-s
• Purpose: Solutions, scripts, and write-ups for various Capture The Flag challenges I have completed.

Learning Journey

• Repository: https://github.com/so1icitx/so1icitx-programming-journey
• Purpose: Documentation of my programming progress, exercises, and code snippets.

---

Legal Disclaimer

Please use these tools responsibly. These tools are intended for educational purposes and authorized security testing only. You must obtain explicit permission before testing any system or network you do not own. Unauthorized use is illegal. The author is not responsible for any misuse.