Enterprise Security & Compliance Management
An enterprise-grade, on-premise security and compliance audit management platform.
Designed to efficiently plan, execute, monitor, and report information security audits.
Fully digitized process from planning to reporting with support for 20+ global standards.
Key Capabilities:
- Standard-Based Audits: Support for 20+ standards including ISO 27001,
PCI DSS, GDPR, KVKK, NIST, CIS Controls, SOC 2, HIPAA, COBIT, and more
- Smart Finding Management: Automated tracking, assignment, due date
management, and severity scoring (Critical to Info)
- Evidence Management: Secure upload and management of evidence files
(images, PDFs) for every finding
- Advanced Reporting: One-click generation of professional Word (.docx)
audit reports with cover, methodology, and details
- Notification System: Multi-language notifications for assignments, due
dates, and status changes
- Role-Based Access Control: Granular permissions for Platform Admin, Org
Admin, and Auditors with data isolation
- Multi-Language Support: Complete Turkish and English support for UI and
templates
Python (FastAPI)
React 18
TypeScript
PostgreSQL
Docker
Tailwind CSS
WiFi & BLE Security Testing and Intelligence Platform
An all-in-one wireless penetration testing toolkit built for Kali Linux.
Features real-time dashboard with dual-band WiFi scanning, rogue AP deployment,
man-in-the-middle packet analysis, client intelligence profiling, and a full BLE attack suite.
Key Capabilities:
- Evil Twin: Captive Portal for credential harvesting and Internet Relay mode with live MITM and NAT masquerade
- MITM Suite: Real-time packet sniffer, credential detection, DNS spoofing, and PCAP export for Wireshark analysis
- Probe Analyzer: Client intelligence through SSID profiling — shared network detection, nearby AP matching, and vulnerable client identification
- BLE Attack Suite: 7 attack types including fuzzing, PIN brute-force, hijacking, beacon spoofing, and battery drain
- Automated Hunter Mode: Fully automated target selection, handshake capture, and channel rotation
- PMKID & WPS: Clientless PMKID hash capture and WPS Pixie Dust / PIN attacks
- Unified Cracking: Handshake and PMKID password cracking via aircrack-ng with wordlist support
Python (FastAPI)
React
Scapy
WebSocket
Aircrack-ng
Kali Linux
Ultrasonic Threat Detection & Defense for Android
An advanced Android security application that detects, analyzes, and neutralizes hidden
ultrasonic signals used for cross-device tracking, ad surveillance, and covert data
exfiltration. Features a 5-layer DSP pipeline, real-time spectrogram, active jamming,
BLE tracker detection, and WiFi security analysis.
Key Capabilities:
- Ultrasonic Monitor: Live spectrogram visualization of the 17–22 kHz band with automatic threat detection and signature matching
- Active Shield: 4 jamming modes — Broadband, Adaptive, Targeted, and Stealth Spoof — with per-band toggle and volume control
- Tracking Blocker: Automatic detection and blocking of cross-device tracking beacons (SilverPush, Shopkick, Signal360) with auto-block engine
- BLE Security Scanner: Device discovery, tracker detection, GATT analysis, and environment statistics
- WiFi Analyzer: Network scanning, security audit, evil twin detection, and channel congestion analysis
- Threat Intelligence: 7 known beacon signatures with confidence scoring, modulation analysis, and persistent threat history
- App Scanner: Scan installed applications for known ultrasonic SDK signatures
Kotlin
Jetpack Compose
Material 3
Hilt
Room
Custom DSP
Phishing Simulation & Detection Platform
An enterprise-grade phishing simulation platform with TLPT/TIBER-EU compliance.
Create and launch phishing campaigns, track user interactions, capture credentials
in dual mode, and deliver security awareness training with built-in reporting.
Key Capabilities:
- Campaign Management: Create, launch, pause, clone campaigns with email/link/form tracking and 3-layer bot detection
- Credential Capture: Dual mode — TLPT-compliant (field names only) and Red Team (cleartext) for advanced testing
- Template Library: 54+ pre-built email and landing page templates across IT, SaaS, HR, Finance, and Executive categories
- Domain Hunter: Typosquat domain search with WHOIS, DNS lookup, and Wayback Machine analysis
- Security Awareness: Training module builder with quiz functionality and progress tracking
- Advanced Analytics: Campaign dashboard with 6 key metrics, risk scoring, weekly trends, and TLPT-specific reporting
- Enterprise Reports: Export in CSV, PDF, and TLPT-compliant DOCX format
Python (FastAPI)
React 18
TypeScript
PostgreSQL
Docker
Tailwind CSS
Advanced IOC Analysis & Monitoring
A comprehensive threat intelligence platform for querying IOCs across multiple sources, managing
vulnerabilities,
and monitoring assets. Features real-time risk scoring, CVE database integration, and automated
watchlists
with background monitoring.
Key Capabilities:
- Massive Intelligence Network: Query IOCs (IP, Domain, Hash, URL) across
69+ threat intelligence sources including VirusTotal, AbuseIPDB, and OTX
- Real-Time Risk Scoring: Automated risk assessment with color-coded
severity levels for instant triage
- CVE Database Integration: Full NIST NVD integration with advanced
search and filtering capabilities
- Automated Watchlists: Continuous background monitoring of assets with
real-time alert system
- Secure Architecture: AES-256 encrypted storage for API keys and
sensitive configuration
- Professional Reporting: Export detailed threat analysis reports in PDF,
HTML, and JSON formats
- High Performance: Redis caching for rapid query responses and efficient
background job processing
Python (FastAPI)
React
Redis
PostgreSQL
Docker
Nginx
Web Command Center for Flipper Zero
A browser-based command center for Flipper Zero. Connect via USB Serial and control
all modules from a hacker-themed web interface with live screen mirroring, file management,
and one-click access to RF, NFC, Infrared, Bluetooth, GPIO, and wireless pentesting tools.
Key Capabilities:
- Screen Mirror: Real-time screen streaming with virtual D-pad control and keyboard shortcuts
- RF Modules: Sub-GHz signal analysis, NFC/RFID card emulation, and Infrared remote control
- WiFi Pentesting: ESP32 Marauder and ESP8266 Deauther with screen stream and 30+ quick commands
- NRF24 Suite: MouseJack exploitation, RF scanning, packet sniffing, and channel analysis
- Bluetooth Attacks: BLE spam, HID emulation, Apple FindMy beacon, and more
- Bad USB: DuckyScript payload editor with syntax highlighting and one-click execution
- File Manager: Full SD card browser with upload, download, and directory management
SvelteKit
Svelte 5
TypeScript
Web Serial API
Protobuf RPC
Vite