16-day longest streak
> 🇧🇷 Versão em Português --- 🧠 About Me I'm André Henrique, Co-Founder of União Geek and Cybersecurity Advisor @ VisionCybersecurity — with 20+ years protecting critical infrastructure, specializing in…





> 🇧🇷 [Versão em Português](README-pt-BR.md)
---
🧠 About Me
I'm André Henrique, Co-Founder of União Geek and Cybersecurity Advisor @ VisionCybersecurity — with 20+ years protecting critical infrastructure, specializing in Offensive & Defensive Security across IT, OT, ICS, SCADA, IoT and IIoT environments.
- 🎓 Academic Professor — OT/ICS/SCADA Security
- 🏴 8th place — BlackHat CTF 2018
- 🔐 OSCP · GICSP · GRID · CEH · 45+ certifications
- 📦 500+ projects delivered · 5,300+ students trained
- 🧩 Speaker at MindTheSec, BSides, H2HC, RoadSec, FLISOL
🏅 Certifications
!OSCP
!GICSP
!GRID
!CEH
!CompTIA
!LPIC
!ISA62443
!Nozomi
!RSA
!Microsoft
+ EHF · OEIS · Securonix SOC Analyst · Sophos EDR Admin · Tenable (Nessus/SC/IO) · ICS Security w/ GRFICS and 30+ more
---
🔬 Areas of Expertise
| Domain | Focus |
|:-------|:------|
| 🔴 Offensive Security | Web, Mobile, Network, WiFi, Social Engineering & Code Review Pentesting |
| 🔵 Defensive Security | SIEM, SOAR, XDR, MDR, SOC, IR — NIST-CSF & MITRE ATT&CK |
| 🏭 OT / ICS / SCADA | Industrial security assessment, protocol analysis (Modbus, DNP3, OPC) |
| 📡 IoT & IIoT | Embedded device security, firmware analysis, wireless protocols |
| ☁️ DevSecOps | Secure SDLC, CI/CD pipeline security, vulnerability management |
| 🎓 Teaching & Speaking | Academic professor, Udemy courses, corporate workshops, conferences |
| ⚖️ Governance | LGPD, ISO 27001, ISA/IEC 62443, risk analysis & compliance |
| 🌐 Network Security | RouterOS/Mikrotik, protocol exploitation, brute-force automation |
---
🚀 Featured Projects
> XPL-Forge Suite — modular offensive security frameworks for embedded, printer, wireless and (soon) perimeter ecosystems.
🛰️ EmbedXPL-Forge
Embedded Device Security Assessment Framework- 700+ modules · 350 CVEs · 55 vendors
- Routers, IP cameras, GPON ONTs, ISP CPEs, IoT edge
- APT Group Engine (APT28, dns-hijack chains, MikroTik, TP-Link)
pip install embedxpl
🖨️ PrinterXPL-Forge
Complete printer penetration testing toolkit (successor of *PrinterReaper*)- 109 commands across PJL, PostScript & PCL
- 4 network protocols, SNMP automated discovery
- File exfiltration, NVRAM access & attack payloads
- Modern Python 3.8+ offensive security tool
📡 WirelessXPL-Forge
Wireless attack surface & lab orchestration- Wi-Fi, BLE, AWDL, rogue AP, mesh, Bruce wardriving
- PCAP analysis, scapy pipelines, red-team workflows
pip install wirelessxpl· BSD-3-Clause
🗡️ MikrotikAPI-BF
RouterOS Attack & Exploitation Framework — v3.5.4- 40 CVE/EDB exploits, Chimay-Red, Winbox
- MAC-Server L2, credential decoder, NPK analyzer
- 300-thread brute force, Nmap NSE auto-install
- CVE scanner ·
pippackage
⚙️ Modbus-Process-Simulator
Java MODBUS Protocol Slave Simulator for OT/ICS testing- Industrial control system security validation
- Evolution of ModbusPal Enhanced
- ICS/SCADA security research lab
🔤 WordListsForHacking
Wordlist generation toolkit for pentest & red team — 25 subcommands- charset, profile, corp-users, default-creds, password-DNA
- DNS fuzzing, web scraping, ISP keygen, ICS/SCADA creds
- ML training, pipal analysis ·
pip install wfh-wordlist
🛠️ Coming soon: FirewallXPL-Forge (FW/NGFW/UTM/WAF/VPN/NAC/LB and OT/ICS firewalls — 164 modules, 18 vendors) is currently in private development.
---
⚡ Tech Stack
🐍 Languages
!Python !Java !Bash !PowerShell !C !PHP🐧 Systems & OS
!Linux !Kali Linux !Debian !Ubuntu !Windows Server🔒 Security Tools
!Metasploit !Burp Suite !Nmap !Wireshark !Nozomi !Tenable---
📊 GitHub Analytics Dashboard
🏆 Profile Stats
⚡ Contribution Graph
🌊 Activity Heatmap
---
🌐 União Geek
Cybersecurity Consulting & Training from Brazil.





---
<!-- LEGAL-NOTICE-UG-MRH -->
Legal notice / aviso legal
Profile README and related files in this repository are licensed under MIT (see [LICENSE](LICENSE)). No warranty; no liability for misuse or third-party claims — use at your own risk. Preserve attribution to the author when reusing; issues and contributions via pull request are welcome where applicable.
O README de perfil e ficheiros associados usam MIT (ver [LICENSE](LICENSE)). Sem garantias; sem responsabilidade por uso indevido — uso por sua conta e risco. Mantenha atribuição ao autor.
---
☕ Support / PIX
If my projects helped you, feel free to contribute! PIX is a Brazilian instant payment method.
| | |
|:---:|:---|
| 🇧🇷 PIX | [email protected] |
| ⭐ GitHub | Give a star to any project that helped you |
---
*For authorized security testing and educational purposes only.*
© 2026 André Henrique (mrhenrike) • União Geek
-
WordListsForHacking ★ PINNED
The most comprehensive wordlist generation toolkit for pentest, red team, and security research. 25 subcommands: charset, profile, corp-users, default-creds, password-dna, DNS fuzzing, web scraping, ISP keygen, ICS/SCADA credentials, ML training, pipal analysis, and more. Python 3.8+ | pip install wfh-wordlist
Python ★ 11 16d agoExplain → -
MikrotikAPI-BF ★ PINNED
RouterOS Attack & Exploitation Framework — 40 CVE/EDB exploits, MAC-Server L2, credential decoder, NPK analyzer, 300-thread BF, Nmap NSE auto-install, pip package, CVE scanner. v3.5.4
Python ★ 90 19d agoExplain → -
Modbus-Process-Simulator ★ PINNED
Modbus Process Simulator (early ModbusPal Enhanced, early Modbus Slave Simulator) is a Java MODBUS Protocol Slave Simulator.
Java ★ 9 22d agoExplain → -
EmbedXPL-Forge
Embedded Device Security Assessment Framework — 700 modules, 350 CVEs, 55 vendors, APT Group Engine. Covers routers, IP cameras, GPON ONTs, ISP CPEs, IoT/embedded edge.
Python ★ 26 4d agoExplain → -
MobaXterm-LicTest
MobaXterm CustomProKey file generator script for License Testing
Python ★ 7 3mo agoExplain → -
IndustrialXPL-Forge
The World's Largest OT/ICS/SCADA Security Assessment Framework. Python-First. 976+ modules, 150+ vendors, 50 protocols, MITRE ATT&CK for ICS 82%, SAST/LLM, 26 ICS malware TTPs.
Python ★ 6 16d agoExplain → -
PrinterXPL-Forge
Complete printer penetration testing toolkit with 109 commands across PJL, PostScript & PCL. 4 network protocols, automated discovery, file exfiltration, NVRAM access, attack payloads. Modern Python 3.8+ offensive security tool.
Python ★ 5 16d agoExplain → -
FirewallXPL-Forge
Perimeter security exploitation framework — 164 modules covering FW, NGFW, UTM, WAF, VPN, NAC, LB, and OT/ICS firewalls (Fortinet, Cisco, Palo Alto, F5, Citrix, Check Point, SonicWall, Ivanti, Siemens, Moxa, +13 vendors). GPU-accelerated, ML-driven, async concurrency, Rich TUI.
Python ★ 5 16d agoExplain → -
WirelessXPL-Forge
Wireless attack surface & lab orchestration — PCAP, Wi-Fi, BLE, AWDL, rogue AP, mesh, Bruce wardriving. pip: wirelessxpl. BSD-3-Clause.
Python ★ 4 16d agoExplain → -
PCAPTrafficAnalysis
Capturing network packets for educational use in a laboratory and controlled environment.
★ 1 22d agoExplain → -
mrhenrike
No description.
★ 0 11h agoExplain →
No repos match these filters.