lucasj-sec (Lucas J. Da Cunha) · GitHub
Skip to content
View lucasj-sec's full-sized avatar

Highlights

  • Pro

Block or report lucasj-sec

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
lucasj-sec/README.md

Typing SVG

Header

"Attack to understand. Understand to defend."


LinkedIn Visitors Focus HTB


🇧🇷  Quem sou

operator = {
    "nome"      : "Lucas J. Da Cunha",
    "role"      : ["Red Team", "Pentester", "SecOps", "SRE"],
    "filosofia" : "Ataco para entender. Entendo para construir defesas melhores.",
    "stack"     : ["Python", "Linux", "Kali", "Nmap", "Hydra", "Metasploit"],
    "distros"   : ["Kali Linux", "Debian", "Arch"],
    "formação"  : "Engenharia de Software — Universidade São Francisco (USF)",
    "agora"     : "Monitoramento de Sistemas + labs ativos no HackTheBox",
    "diferencial": "Construo as próprias ferramentas pra entender o que ataco",
    "motto"     : "Sunrise, parabellum.",
}

🔴  Operações Ativas

Projeto Status Descrição
🛡️ Citadel SOAR ACTIVE Mini-SOAR que construí nos labs do HTB — o lado azul que corre enquanto faço pentest
⚔️ HackTheBox Labs ACTIVE Sessões regulares de pentest em ambiente controlado
⚔️ OverTheWire: Bandit COMPLETED ✅ Wargame de segurança Linux — todos os níveis concluídos
☁️ Azure Architecture IN PROGRESS Stack Azure para ambientes de produção
🎯 CompTIA CySA+ NEXT TARGET Análise de ameaças e resposta a incidentes

⚡  Arsenal

Python Kali Linux Debian Arch Azure Bash Git


🗡️  Citadel — Purple Team na Prática

Durante um lab no HackTheBox, parei de ler log manualmente e escrevi o defensor.

O Citadel é um mini-SOAR que construí para rodar enquanto faço pentest. Ele age como Blue Team autônomo — eu ataco, ele detecta e bloqueia.

Isso me forçou a pensar nos dois lados simultaneamente: Red e Blue. É assim que Purple Team funciona na prática.

[Kali — eu, atacando]                [Debian — Citadel, defendendo]
──────────────────────────────────────────────────────────────────
$ hydra -l root -P wordlist.txt      [ALERTA] Falhas: 1/5 → 2/5 → 3/5
  ssh://192.168.100.10 -t 4
                                     [ALERTA] Falhas: 4/5 → 5/5
[DATA] attacking...                  [LIMIAR ATINGIDO] Bloqueando...
                                     [BLOQUEIO] ✓ blackhole (ip route)

[timeout... timeout... timeout]
[262 tentativas. 0 respostas.]       # silêncio total. kernel descarta tudo.

Ver repositório completo


🌐  English

Click to expand 🇺🇸
operator = {
    "name"       : "Lucas J. Da Cunha",
    "role"       : ["Red Team", "Pentester", "SecOps", "SRE"],
    "philosophy" : "I break things to understand them. Then I build better defenses.",
    "stack"      : ["Python", "Linux", "Kali", "Nmap", "Hydra", "Metasploit"],
    "distros"    : ["Kali Linux", "Debian", "Arch"],
    "education"  : "Software Engineering — Universidade São Francisco (Brazil)",
    "currently"  : "Systems Monitoring + active labs on HackTheBox",
    "edge"       : "I build my own tools to understand what I'm attacking",
    "motto"      : "Sunrise, parabellum.",
}

🔴 Active Operations

Project Status Description
🛡️ Citadel SOAR ACTIVE Mini-SOAR I built during HTB labs — the blue side running while I pentest
⚔️ HackTheBox Labs ACTIVE Regular pentest sessions in controlled environment
⚔️ OverTheWire: Bandit COMPLETED ✅ Linux security wargame — all levels cleared
☁️ Azure Architecture IN PROGRESS Mastering Azure stack for production environments
🎯 CompTIA CySA+ NEXT TARGET Threat analysis and incident response certification

🎯 What I'm about

I'm a Red Teamer who builds his own tools.

During HackTheBox sessions I got tired of reading massive SSH logs manually — so I wrote Citadel, a headless mini-SOAR that acts as an autonomous Blue Team operator while I run the pentest. It detects brute-force patterns, tracks IPs with a sliding window, and blocks them via kernel-level routing blackhole.

Building the defense taught me more about attacking than any tutorial ever did. That's Purple Team in practice.

📬 Let's connect: linkedin.com/in/lucas-j-da-cunha


╔═══════════════════════════════════════════╗
║                                           ║
║   "The quieter you become,                ║
║    the more you are able to hear."        ║
║                                           ║
║   — and the more damage you can do. 🗡️   ║
║                                           ║
╚═══════════════════════════════════════════╝

Snake animation

Popular repositories Loading

  1. lucasj-sec lucasj-sec Public

    Config files for my GitHub profile.

  2. bytecraft-forjado-em-java bytecraft-forjado-em-java Public

    eBook prático e didático sobre programação Java, com foco em estruturas de dados, POO e exemplos reais. Criado com apoio de IA.

  3. verificador-idade-detran verificador-idade-detran Public

    Aplicação Java que verifica se uma pessoa pode iniciar o processo de CNH, com interface gráfica feita em Swing.

    Java

  4. citadel-soar citadel-soar Public

    Mini-SOAR headless para defesa ativa de servidores Linux. Detecta brute-force SSH em tempo real via journald, rastreia IPs com sliding window e bloqueia automaticamente via blackhole de roteamento.

    Python