Skip to content
View addcontent's full-sized avatar
3 followers · 8 following

Achievements

Achievement: Pull SharkAchievement: StarstruckAchievement: Quickdraw

Achievements

Achievement: Pull SharkAchievement: StarstruckAchievement: Quickdraw

Block or report addcontent

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
addcontent/README.md

Hi there 👋

I'm a Cyber Security Enthusiast based in KE. I enjoy hunting vulnerabilities on authentication clasess specifically in frameworks, AI/ML tooling, WebRTC stacks, etc.

Published disclosures

ID Target Severity Date
CVE-2026-22752 Spring Security Authorization Server: insufficient DCR client-metadata validation Critical 9.0 2026-04-21
keycloak#47915 Keycloak: FreeMarker ?new() built-in enabled by default in theme templates Hardening 2026-04-09

Additional disclosures to several vendors are currently under embargo and will be listed here once the advisories are published.

Selected projects

  • Bastsec/kifaru: autonomous multi-agent security research platform
  • nuclei-mcp: Model Context Protocol server for the Nuclei scanner

Contact

Pinned Loading

  1. nuclei-mcp nuclei-mcp Public

    An implementation of a Model Context Protocol (MCP) for the Nuclei scanner. This tool enables context-aware vulnerability scanning by intelligently providing models and context to the scanning engi…

    Go 47 8

  2. CVE-Lens CVE-Lens Public

    A modern CVE retrieval dashboard written in Svelte.

    JavaScript 2

  3. AI-Vulverability-Scanner AI-Vulverability-Scanner Public

    Forked from Areej-zeb/AI-Vulnerability-Scanner

    An AI-driven vulnerability scanner that uses Nmap to discover open services on a user-supplied IP, matches each service to relevant CVEs via SBERT embeddings and a severity classifier, and generate…

    HTML

  4. The-Butler The-Butler Public

    An interactive pentesting tool to discover and test for CI/CD misconfigurations in GitHub Actions, with modes for safe testing and secret exfiltration.

    Shell

  5. agent0ai/agent-zero agent0ai/agent-zero Public

    Agent Zero AI framework

    Python 17.5k 3.6k