  • Tel Aviv, Israel

danieloz147/README.md


┌─────────────────────────────────────────────────────────────────────────┐
│                                                                         │
│   danieloz147@redteam:~$ ./whoami                                       │
│                                                                         │
│   [*] Role      → Head of offensive cyber @ Clalit Health Services      │
│   [*] Focus     → Red Team Ops | Malware Dev | iOS/macOS | Exploit-Dev  │
│   [*] Platforms → Windows Internals | Active Directory | Cloud          │
│   [*] Tradecraft→ Initial Access | Evasion | Post-Exploitation | LL     │
│   [*] Status    → Building tools. Breaking things. Getting paid.        │
│                                                                         │
└─────────────────────────────────────────────────────────────────────────┘

Domains

🔴 Red Team Operations

  • Full kill chain execution from initial access to exfil
  • C2 framework deployment & operation (Sliver, AdaptixC2, Cobalt Strike)
  • OPSEC-conscious tradecraft — traffic shaping, redirectors, CDN fronting
  • Full adversary emulation

🧬 Malware Development

  • Windows process injection — classic, ghostwriting, module stomping
  • AV/EDR evasion — syscalls, unhooking, PPID spoofing
  • Custom loaders, stagers, droppers in C
  • Payload staging & obfuscation pipelines

📱 iOS / macOS Internals

  • MDM protocol exploitation & configuration profile weaponization
  • Supervised payload abuse (App Lock, DEP hijacking, AirPlay)
  • .mobileconfig CMS signing & delivery
  • Mobile device management attack scenarios

🏢 Active Directory & Cloud

  • Kerberoasting, AS-REP, Pass-the-Hash, DCSync
  • ACL/DACL abuse, delegation attacks, BloodHound analysis
  • AWS/Azure/GCP lateral movement, IAM privilege escalation
  • Cloud misconfiguration identification & exploitation

🌐 Web & API Pentesting

  • OWASP Top 10 exploitation
  • REST/GraphQL/OAuth attack surface
  • JWT attacks, IDOR, business logic flaws
  • Authenticated & unauthenticated recon pipelines

🎣 Social Engineering & Phishing

  • AiTM credential capture (Evilginx3)
  • Pretexting, vishing, physical pretext campaigns
  • Custom lure development & infrastructure staging
  • MFA relay & token theft techniques

Arsenal

Languages

C, Python, PowerShell, Bash, Assembly, C++, Go, JavaScript, TypeScript, Swift, Objective-C, C#

Offensive Tooling

Cobalt Strike, Sliver, AdaptixC2, Burp Suite, BloodHound, Evilginx, Impacket

Platforms

Windows, Linux, iOS, macOS, AWS, Azure, GCP


Public Tools


All tools and research published here are used in authorized engagements only.

Popular repositories

  1. SpyIt (Public)

    🕵️ Real-time desktop surveillance over HTTP - DXGI capture, MJPEG stream, single C binary, zero dependencies. Built for red teams with native AdaptixC2 integration. Drop it. Stream it. Watch it. Ki…

    C 15 3

  2. Process-Injection (Public)

    This repo will explain everything about process injection

    C 2 2

  3. AdaptixC2 (Public)

    Forked from Adaptix-Framework/AdaptixC2

    AdaptixC2 is a highly modular advanced redteam toolkit

    C++

  4. ios-profile-builder (Public)

    Browser-based Apple .mobileconfig profile builder for offensive security research

    HTML

  5. danieloz147 (Public)

    GitHub profile README

  6. ios-clickfix-templates (Public)

    iOS ClickFix → WebClip social engineering template. Coaches targets into installing a .mobileconfig that pins an attacker-controlled shortcut to their Home Screen. For authorized red team engagemen…

    HTML