Skip to content
View kdairatchi's full-sized avatar
:shipit:
:shipit:
29 followers · 96 following

Achievements

Achievement: Pair ExtraordinaireAchievement: Pull Sharkx2Achievement: QuickdrawAchievement: YOLO

Achievements

Achievement: Pair ExtraordinaireAchievement: Pull Sharkx2Achievement: QuickdrawAchievement: YOLO

Block or report kdairatchi

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
kdairatchi/README.md

kdairatchi

Bug-bounty hunter who builds tools. Crystal-native offensive security, autonomous hunt pipelines, and hardware-adjacent frameworks for offline research.

Work surfaces at prowlrbot.com.

Shipping

quartz · Crystal · Flipper Zero dev framework. Single static binary. Offline-first. Federated .sig bundles shared peer-to-peer, not uploaded to someone else's lab. Parser, host-side simulator, native FAP build, serial RPC.

CyberBox · Docker · Security workspace. 160+ tools, Caido proxy plugin, dual-LLM routing (Claude + Ollama), plugin marketplace, AI guardrails. Latest: v0.2.1.

ProwlrBot · Python + Go · Multi-agent platform. Bash pipelines chain security binaries into recon → vulnscan → triage → report. AI agents read tool output; no LLM wraps a CLI. Spine is FastAPI, console is shadcn/Tailwind.

Tooling (open source)

Repo Stack What it does
flaw Crystal SAST for bug-bounty targets — regex + AST rules, plugin-friendly
ghactor Go GitHub Actions hardening CLI: lint · fix · SHA-pin · trial · trail
Prowlrview Crystal Intercepting proxy + live attack-surface graph, Lua plugins
ROAR Protocol Python Agent-to-agent communication standard — MCP + A2A + ACP + ANP in one
gf-patterns regex Opinionated bug-bounty grep patterns
nuclei-templates-custom YAML Custom nuclei templates from live hunts

Stack

Languages   Crystal · Rust · Go · Python · TypeScript
Security    Caido · Nuclei · 160+ Go binaries · custom Crystal tooling
Agents      Claude Code · Ollama · MCP · ROAR
Hardware    Flipper Zero · GL-AR150 · RTL-SDR
Infra       Cloudflare Pages · Fly.io · Docker · WSL2
Notes       Obsidian second-brain — methodology, CVEs, red/blue playbooks

Focus

Autonomous recon → triage → report pipelines that make one hunter move like a team. Prompt-injection guardrails and secret redaction for offensive tooling. Supply-chain posture for the bug-bounty toolchain itself — pin every action, audit every dependency. Crystal-native security tools.

Currently learning

  • Crystal macros and AST work for flaw's rule engine
  • Rust for the roar transport fast-path
  • Flipper firmware internals (FuriHAL, protobuf RPC, native FAPs)
prowlrbot.com · kdaistack · @ProwlrBot · prowlr@proton.me

Pinned Loading

  1. ProwlrBot/prowlrbot ProwlrBot/prowlrbot Public

    Always watching. Always ready. Autonomous AI agent platform for monitoring, automation, and multi-channel communication.

    Python