Skip to content
View kdairatchi's full-sized avatar
:shipit:
:shipit:
27 followers · 96 following

Achievements

Achievement: Pair ExtraordinaireAchievement: Pull Sharkx2Achievement: QuickdrawAchievement: YOLO

Achievements

Achievement: Pair ExtraordinaireAchievement: Pull Sharkx2Achievement: QuickdrawAchievement: YOLO

Block or report kdairatchi

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
kdairatchi/README.md

kdairatchi

Bug-bounty hunter who builds tools. Crystal-native offensive security, autonomous hunt pipelines, and hardware-adjacent frameworks for offline research.

Work surfaces at prowlrbot.com.

Shipping

quartz · Crystal · Flipper Zero dev framework. Single static binary. Offline-first. Federated .sig bundles shared peer-to-peer, not uploaded to someone else's lab. Parser, host-side simulator, native FAP build, serial RPC.

CyberBox · Docker · Security workspace. 160+ tools, Caido proxy plugin, dual-LLM routing (Claude + Ollama), plugin marketplace, AI guardrails. Latest: v0.2.1.

ProwlrBot · Python + Go · Multi-agent platform. Bash pipelines chain security binaries into recon → vulnscan → triage → report. AI agents read tool output; no LLM wraps a CLI. Spine is FastAPI, console is shadcn/Tailwind.

Tooling (open source)

Repo Stack What it does
flaw Crystal SAST for bug-bounty targets — regex + AST rules, plugin-friendly
ghactor Go GitHub Actions hardening CLI: lint · fix · SHA-pin · trial · trail
Prowlrview Crystal Intercepting proxy + live attack-surface graph, Lua plugins
ROAR Protocol Python Agent-to-agent communication standard — MCP + A2A + ACP + ANP in one
gf-patterns regex Opinionated bug-bounty grep patterns
nuclei-templates-custom YAML Custom nuclei templates from live hunts

Stack

Languages   Crystal · Rust · Go · Python · TypeScript
Security    Caido · Nuclei · 160+ Go binaries · custom Crystal tooling
Agents      Claude Code · Ollama · MCP · ROAR
Hardware    Flipper Zero · GL-AR150 · RTL-SDR
Infra       Cloudflare Pages · Fly.io · Docker · WSL2
Notes       Obsidian second-brain — methodology, CVEs, red/blue playbooks

Focus

Autonomous recon → triage → report pipelines that make one hunter move like a team. Prompt-injection guardrails and secret redaction for offensive tooling. Supply-chain posture for the bug-bounty toolchain itself — pin every action, audit every dependency. Crystal-native security tools.

Currently learning

  • Crystal macros and AST work for flaw's rule engine
  • Rust for the roar transport fast-path
  • Flipper firmware internals (FuriHAL, protobuf RPC, native FAPs)
prowlrbot.com · kdaistack · @ProwlrBot · prowlr@proton.me

Popular repositories Loading

  1. CronLord CronLord Public

    Visual self-hosted cron scheduler in a single Crystal binary

    Crystal 3

  2. flaw flaw Public

    Fast static analysis tool for finding security flaws in Crystal code.

    Crystal 2 1

  3. kdairatchi kdairatchi Public

    Profile landing for @kdairatchi — cybersecurity builder, ProwlrBot founder.

  4. MyMac MyMac Public

    My Mac Script/Tools 🫴🏽

    Shell

  5. SNHU-CYB-310 SNHU-CYB-310 Public archive

    CYB-310 Network Defense — Southern New Hampshire University

  6. SNHU-CYB-210 SNHU-CYB-210 Public archive

    CYB-210 Foundations in Cybersecurity — Southern New Hampshire University