Cybersecurity researcher and student focused on hardware hacking, RFID/NFC reverse engineering, and access control systems. I build tools, dissect protocols, and publish my findings as open source.
DEF CON 33 speaker — Hung out to dry: Airing the dirty laundry of stored value washing cards (RF Village). Watch the talk on YouTube.
- Reverse engineering of public transit and smart card application layer
- Hardware projects targeting ESP32 and Flipper Zero
- Offensive security tooling and automation in Python, C/C++, and JavaScript
- Open source contributions and technical write-ups for the security community
- Discord:
@luu176 - PGP key: available here
A few things I've built — feel free to take a look:
| Repository | Description | Language |
|---|---|---|
| ESP32-Airtag | Clone an existing AirTag onto an ESP32 | C, C++, Python |
| Metroflip | Multi-protocol Flipper Zero app for reading metro cards from around the world | C |
| SLE4442-Card-Manager | Manager for SLE4442 memory cards | Python 3 |
| T-Mobilitat Reader | Reads Barcelona's T-Mobilitat public transport card via the official API and a USB NFC reader. Includes reverse engineering notes on the card's data structure and API. | Python |
| CRTM Madrid Public Transport Card Reader | Extracts card information and ticket details from Madrid's CRTM NFC public transport card | Python |
| Rubber Ducky Payloads | Collection of DuckyScript payloads | DuckyScript |
| NTLM-Stealer | DuckyScript 3.0 payload for capturing NTLM hashes from a Windows machine over a Discord webhook | DuckyScript |
| Basic-XSS-Checker | Tests search query inputs for XSS vulnerabilities using three detection techniques | Python |
| Antenna Size Calculator | Calculates viable antenna lengths for a given frequency (e.g. 433 MHz, 137.1 MHz) | Python |
| Discord-Status-Changer | Automates rotating Discord status messages | Python |
C · C++ · C# · Python · JavaScript · Node.js · Go · Java · HTML · CSS · Arduino · Linux · .NET
