renansj (Renan Zapelini) · GitHub
Skip to content
View renansj's full-sized avatar
🎯
Focusing
🎯
Focusing
77 followers · 116 following

Achievements

Achievement: YOLOAchievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Achievements

Achievement: YOLOAchievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Highlights

  • Pro

Organizations

@quack

Block or report renansj

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
renansj/README.md

Renan Zapelini

Application Security Engineer | Security Researcher | Developer

Building offensive security tools and breaking things (with permission).

Focus

  • Vulnerability research & exploit development
  • Web application security (whitebox/blackbox)
  • Fuzzing & automated reconnaissance
  • Security tooling in Go and Python

Stack

Security & Offensive

Go Python Bash C Kali Linux Burp Suite

Development

.NET C# JavaScript TypeScript Rust Haskell

Infra & Tools

Docker Linux Redis PostgreSQL

Featured Projects

Project Description
ryofuzz Offensive web vulnerability fuzzer with behavioral analysis, coverage-guided mutation, and live proxy interception
r0zscope Automated web recon framework with 40+ tools, parallel execution, and CTF mode
http-smuggling-lab Didactic HTTP Request Smuggling lab (TE.CL) with vulnerable C server + Python exploits
ssrf-lab SSRF lab with Docker, vulnerable Flask app, internal services, and AWS metadata mock
OpenRain Decentralized training of open AI models with formal security guarantees

Stats

GitHub Stats Top Languages

renansj.dev

Pinned Loading

  1. r0zscope r0zscope Public

    Automated web reconnaissance framework, 40+ tools, parallel execution, CTF mode

    Go 2 1

  2. ryofuzz ryofuzz Public

    Offensive multi-class web vulnerability fuzzer — OWASP Top 10, API Top 10, LLM Top 10 + underground techniques

    Go

  3. ssrf-lab ssrf-lab Public

    Lab de SSRF com Docker - aplicação Flask vulnerável, serviços internos, mock de metadata AWS. Material de apoio: https://renansj.dev/ssrf

    Python

  4. web-cache-deception-lab web-cache-deception-lab Public

    Web Cache Deception lab — vulnerable reverse proxy + exploitation scripts for learning and testing

    Python

  5. http-smuggling-lab http-smuggling-lab Public

    Lab didático de HTTP Request Smuggling (TE.CL) — servidor vulnerável em C + exploits Python

    C 1

  6. AppRateLimiter AppRateLimiter Public

    Thread-safe rate limiting for ASP.NET Core: IP + JWT-claim limits, in-memory or distributed via Redis. Runs from .NET Framework 4.6.1+ to .NET 10.

    C#