This repository is a collection of Python scripts and lightweight utilities I’ve written to support day-to-day cybersecurity engineering, analysis, and automation tasks.
The scripts here are designed to be practical, self-contained, and easy to adapt — ranging from network enrichment tools (whois, passive DNS lookups, pcap parsing) to quick automations for security operations and engineering workflows.
- Provide small, focused utilities that solve specific problems quickly.
- Serve as a toolbox for cybersecurity engineers working in areas like threat hunting, network traffic analysis, automation, and forensics.
- Act as a personal knowledge base for reusable code snippets and patterns.
Scripts are organized by categories, such as the following:
- `networking/` — traffic parsing, IP enrichment, protocol analysis
- `forensics/` — artifact extraction, log parsing
- `automation/` — everyday scripting and workflow helpers
Each folder may include:
- The script(s)
- A `README.md` with usage notes
- A `requirements.txt` if dependencies are needed
All scripts are written for Python 3 and kept minimal with standard libraries whenever possible.