SUJAL NE0K1RA Portfolio · ne0k1ra
Hover to Reveal  
Sujal (ne0k1ra) as a samurai warrior wearing a black menpō mask
Open to red-team roles · 2026
· MANIFESTO SO… WHY WILL YOU TRUST MY TOOLS?

What wired me in.

I was drawn to a world where systems have cracks — where logic has seams that can be pulled apart. That's what pulled me into offensive security. Not to break things. To understand them completely.

Sujal · ne0k1ra · 2026

The shell will drop. The stack will not lie. Automate anyway.

Every system has a surface. Every surface has a seam. Every seam has an angle. Find it before they do.

— ne0k1ra · operator doctrine
· IDENTITY NE0K1RA · 001

I AM STILL IN THE NETWORK.

Offensive security engineer. Based in India. Survived enough CTFs to stop counting, mastered the art of building tools that operators actually want to run.

I build toolchains the way exploits get written — modular, obsessive, with no wasted surface. GRIMOIRE, WRAITH-NET, LightScan, KIRA. Each one solves a real problem in a real engagement pipeline.

· · BY THE NUMBERS TALLIED SO FAR

By the numbers

Arsenal — four tools, one operator pipeline

· ARSENAL · FOUR TOOLS · ONE KILL CHAIN
Sumi-e illustration of a nine-tailed kitsune spirit.
Chi · WRAITH-NET

Map the unknown.

Passive intelligence collection. Subdomain discovery, risk-scoring, threat exposure mapping.

Hardened Arch Linux installer. LUKS2 encryption, LVM, secure defaults — operator-ready in one script.

Kyū · KIRA

Deploy the environment.

Rei · LIGHTSCAN

Illuminate the surface.

Async service enumeration. TCP/UDP scanning, DNS zone transfer, CVE correlation engine.

Modular C2. Payload generation, pivot chain visualization, encrypted comms, TUI operator console.

Shin · GRIMOIRE

Forge the payload.

· CATALOG · ACTIVE REPOSITORIES & TOOLSETS

Active Tool Catalog

grimoire

Golang

A modular, TUI-driven post-exploitation and recon suite with a Death Note aesthetic.

#c2 #tui

hashit

Rust

Zero-friction file sharing. Drop a file, get a secure download link.

#file-share #crypto

kira-installer

Bash

Hardened Arch Linux installation script with LUKS2 encryption and secure system defaults.

#arch-linux #hardening

LightScan

Golang

High-performance, asynchronous network scanner and surface enumeration framework.

#scanner #recon

ne0suite

Golang

A centralized dispatcher and C2 gateway routing subcommands to modular security tools.

#c2-dispatch #gateway

pico

Rust

Lightweight utility to wrap and package any web application into a native desktop container.

#webview #native-app

shadowci

Python

Static analysis and secret-leak scanner designed for high-performance CI/CD pipelines.

#devsecops #secret-scanner

sigil

C++

Static PE/ELF binary analysis parser and file-integrity scanner for security research.

#binary-parsing #anti-cheat

wraith-net

Golang

Passive OSINT scraping, subdomain discovery, and threat intelligence correlation tool.

#osint #threat-intel
· DOMAINS THREE VECTORS · THREE MASKS

Expertise Domains — Recon & OSINT, Payload & Evasion, Infrastructure & C2

Anubis — representing the Egyptian threat vectors. Statue of Liberty — representing the US threat vectors. A red kangaroo — representing the Australian threat vectors.
CHAPTER · ONE

RECON & OSINT PHASE 01 · WHERE EVERY ENGAGEMENT STARTS

Attack surface intelligence, passive recon, asset mapping. The first move is always silence. Every target tells a story before you even touch it.

CHAPTER · TWO

PAYLOAD & EVASION PHASE 02 · WHERE CODE BECOMES A WEAPON

Polymorphic payloads, EDR bypass, GRIMOIRE's engine. Precision over brute force. Every payload is custom — tailored to the target stack.

CHAPTER · THREE

INFRASTRUCTURE & C2 PHASE 03 · WHERE SESSIONS SURVIVE

Encrypted mesh C2, KIRA-hardened deployment, async beaconing. Built to last. The infrastructure outlives the engagement.

Kill Chain — four phases of offensive engagement

· PHASE · KILL CHAIN · FOUR PHASES
Close-up of an eye, reflecting website interfaces drifting across the iris.
PHASE 01 · RECON

External attack surface.

Global assets · OSINT · Passive & active recon — WRAITH-NET + LightScan.

EDR/AV bypass · Polymutation engine · GRIMOIRE payload module.

PHASE 02 · WEAPONIZE

Payload generation.

PHASE 03 · EXPLOIT

Initial access.

0-day & N-day vectors · Shell: SYSTEM / ROOT · Privilege escalation.

Async beaconing · Encrypted mesh C2 · Long-term foothold.

PHASE 04 · PERSIST

Command & control.

Secure your infrastructure

Secure your infrastructure before adversaries map it.
· · CONTACT REACH OUT

INITIATE SECURE
CHANNEL

I provide bespoke offensive security automation and advanced threat simulation. No sales calls — just operator-to-operator.

Or reach out the old-fashioned way
Email Loading secure channel...
Sujal © 2026 NE0K1RA · OPERATOR PORTFOLIO