Skip to content
View mrhenrike's full-sized avatar
💭
I may be slow to respond.
💭
I may be slow to respond.

Block or report mrhenrike

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
mrhenrike/README.md

🧠 About Me

I'm André Henrique, Co-Founder of União Geek and Cybersecurity Advisor @ VisionCybersecurity — with 20+ years protecting critical infrastructure, specializing in Offensive & Defensive Security across IT, OT, ICS, SCADA, IoT and IIoT environments.

  • 🎓 Academic Professor — OT/ICS/SCADA Security
  • 🏴 8th place — BlackHat CTF 2018
  • 🔐 OSCP · GICSP · GRID · CEH · 45+ certifications
  • 📦 500+ projects delivered · 5,300+ students trained
  • 🧩 Speaker at MindTheSec, BSides, H2HC, RoadSec, FLISOL

🏅 Certifications

OSCP GICSP GRID CEH CompTIA LPIC ISA62443 Nozomi RSA Microsoft

+ EHF · OEIS · Securonix SOC Analyst · Sophos EDR Admin · Tenable (Nessus/SC/IO) · ICS Security w/ GRFICS and 30+ more


🔬 Areas of Expertise

Domain Focus
🔴 Offensive Security Web, Mobile, Network, WiFi, Social Engineering & Code Review Pentesting
🔵 Defensive Security SIEM, SOAR, XDR, MDR, SOC, IR — NIST-CSF & MITRE ATT&CK
🏭 OT / ICS / SCADA Industrial security assessment, protocol analysis (Modbus, DNP3, OPC)
📡 IoT & IIoT Embedded device security, firmware analysis, wireless protocols
☁️ DevSecOps Secure SDLC, CI/CD pipeline security, vulnerability management
🎓 Teaching & Speaking Academic professor, Udemy courses, corporate workshops, conferences
⚖️ Governance LGPD, ISO 27001, ISA/IEC 62443, risk analysis & compliance
🌐 Network Security RouterOS/Mikrotik, protocol exploitation, brute-force automation

🚀 Featured Projects

XPL-Forge Suite — modular offensive security frameworks for embedded, printer, wireless and (soon) perimeter ecosystems.

Embedded Device Security Assessment Framework

  • 700+ modules · 350 CVEs · 55 vendors
  • Routers, IP cameras, GPON ONTs, ISP CPEs, IoT edge
  • APT Group Engine (APT28, dns-hijack chains, MikroTik, TP-Link)
  • pip install embedxpl

Stars Forks

Complete printer penetration testing toolkit (successor of PrinterReaper)

  • 109 commands across PJL, PostScript & PCL
  • 4 network protocols, SNMP automated discovery
  • File exfiltration, NVRAM access & attack payloads
  • Modern Python 3.8+ offensive security tool

Stars Forks

Wireless attack surface & lab orchestration

  • Wi-Fi, BLE, AWDL, rogue AP, mesh, Bruce wardriving
  • PCAP analysis, scapy pipelines, red-team workflows
  • pip install wirelessxpl · BSD-3-Clause

Stars Forks

RouterOS Attack & Exploitation Framework — v3.5.4

  • 40 CVE/EDB exploits, Chimay-Red, Winbox
  • MAC-Server L2, credential decoder, NPK analyzer
  • 300-thread brute force, Nmap NSE auto-install
  • CVE scanner · pip package

Stars Forks

Java MODBUS Protocol Slave Simulator for OT/ICS testing

  • Industrial control system security validation
  • Evolution of ModbusPal Enhanced
  • ICS/SCADA security research lab

Stars Forks

Wordlist generation toolkit for pentest & red team — 25 subcommands

  • charset, profile, corp-users, default-creds, password-DNA
  • DNS fuzzing, web scraping, ISP keygen, ICS/SCADA creds
  • ML training, pipal analysis · pip install wfh-wordlist

Stars Forks

🛠️ Coming soon: FirewallXPL-Forge (FW/NGFW/UTM/WAF/VPN/NAC/LB and OT/ICS firewalls — 164 modules, 18 vendors) is currently in private development.


⚡ Tech Stack

🐍 Languages

Python Java Bash PowerShell C PHP

🐧 Systems & OS

Linux Kali Linux Debian Ubuntu Windows Server

🔒 Security Tools

Metasploit Burp Suite Nmap Wireshark Nozomi Tenable


📊 GitHub Analytics Dashboard

🏆 Profile Stats

GitHub Stats GitHub Trophies

⚡ Contribution Graph

Activity Graph

🌊 Activity Heatmap

github contribution grid snake animation

🌐 União Geek

Cybersecurity Consulting & Training from Brazil.

União Geek Blog GitHub Org Instagram Facebook


Legal notice / aviso legal

Profile README and related files in this repository are licensed under MIT (see LICENSE). No warranty; no liability for misuse or third-party claims — use at your own risk. Preserve attribution to the author when reusing; issues and contributions via pull request are welcome where applicable.

O README de perfil e ficheiros associados usam MIT (ver LICENSE). Sem garantias; sem responsabilidade por uso indevido — uso por sua conta e risco. Mantenha atribuição ao autor.


☕ Support / PIX

If my projects helped you, feel free to contribute! PIX is a Brazilian instant payment method.

🇧🇷 PIX henrique.santos@uniaogeek.com.br
GitHub Give a star to any project that helped you

For authorized security testing and educational purposes only.

© 2026 André Henrique (mrhenrike) • União Geek

Pinned Loading

  1. WordListsForHacking WordListsForHacking Public

    The most comprehensive wordlist generation toolkit for pentest, red team, and security research. 25 subcommands: charset, profile, corp-users, default-creds, password-dna, DNS fuzzing, web scraping…

    Python 9 3

  2. MikrotikAPI-BF MikrotikAPI-BF Public

    RouterOS Attack & Exploitation Framework — 40 CVE/EDB exploits, MAC-Server L2, credential decoder, NPK analyzer, 300-thread BF, Nmap NSE auto-install, pip package, CVE scanner. v3.5.4

    Python 88 29

  3. Modbus-Process-Simulator Modbus-Process-Simulator Public

    Modbus Process Simulator (early ModbusPal Enhanced, early Modbus Slave Simulator) is a Java MODBUS Protocol Slave Simulator.

    Java 9 3