Skip to content
View liamromanis101's full-sized avatar
💭
"gestalt mode"
💭
"gestalt mode"
71 followers · 127 following

Achievements

Achievement: Starstruck

Achievements

Achievement: Starstruck

Block or report liamromanis101

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
liamromanis101/README.md

Click me [Headphones On]: Header preview

whoami

$ cat /etc/profile.d/liam.sh

NAME="Liam Romanis"
ROLE="Senior Penetration Tester | Principal Security Consultant | Freelance"
EXPERIENCE="29+ years in offensive security"
FORMER_ROLE="CESG CHECK Team Leader (1999–2023) — one of the longest continuous tenures in the scheme"
SECTORS="UK Government · MOD · Defence Primes · Financial Services · Telecomms · CNI · Commercial"
FOCUS="Manual testing excellence · Vulnerability research · Pragmatic risk-based assessment"
CURRENTLY="Freelance pentest engagements + AI Red Teaming courses"

cat skills.txt

🔴 Penetration Testing & Offensive Security

Web App Infra Red Team TLPT OT/ICS Mobile Desktop MITRE SAP AI

☁️ Cloud & Identity Security

Azure AWS M365 IAM MFA Conditional Access

💻 Languages & Development

Python Bash PHP C# Ansible Perl C/C++

🌐 Technologies Assessed

Web & Application Frameworks React Next.js Angular Node.js WordPress Drupal Shopify Django ASP.NET PHP GraphQL REST API OAuth/OIDC CSP

Identity & Directory Services Active Directory Azure AD LDAP Kerberos ADFS

Cloud Platforms AWS Azure M365

Container & Orchestration Kubernetes Docker

Network & Infrastructure SSL/TLS SNMP SAP

🤖 Artificial Intelligence & Security

OpenAI Claude AI Red Teaming Prompt Injection

🏅 Certifications & Standards

CHECK TigerScheme CREST PRINCE2 ISO9001

ls -la /repos/

Click me: Repo feed preview

Pinned highlights

🛠️ AWS-IAM-Policy-Audit

Python 3 tool to analyze AWS IAM policies for risky permissions. Tracks affected principals, simulates sensitive actions, detects privilege escalation patterns, and flags cross-account trust exposures. Outputs findings in Table, JSON, or CSV with severity scoring (0–100).

Python · AWS · IAM · PrivEsc Detection · Cloud Security

🦑 Snecky

Passive network sniffing tool that simplifies detection and reporting of network protocols with weak configurations. Outputs results in Nessus-compatible format for seamless import into reporting tools.

Python · Network Security · Passive Recon · Nessus Integration

💥 CVE-2025-29927-NextJS

Proof-of-Concept for CVE-2025-29927 — a critical middleware bypass vulnerability affecting Next.js versions 11.x through 15.x. For authorised security testing and verification.

Python · CVE Research · Next.js · Web App Security

🔧 Additional Tools (developed during engagements)

Tool Description
SNMPPLUX SNMP enumeration and analysis tooling
LibScanner Library/dependency scanning utility
ORR Offline reporting and review tool
SSLScanner (PHP) SSL/TLS configuration scanner
Azure MFA Auditor Identifies Azure users without MFA where standard tooling fails
Azure Conditional Access Extractor Extracts and analyses Conditional Access policies, outputs CSV artefacts
Azure Storage Assessor Internal and external Azure storage enumeration and assessment

cat experience.txt | grep sectors

✔ UK Government & MOD                ✔ Defence Primes
✔ Financial Services (MetroBank, ICAP, EBLF)   ✔ Telecommunications
✔ Critical National Infrastructure   ✔ NHS & Central Government
✔ Commercial Enterprise              ✔ SaaS & Cloud Platforms

GitHub Stats

Click me:

Stats preview

┌──────────────────────────────────────────────────────────────────────────────┐
│  "Security is not a product, but a process — and I've been in that           │
│   process longer than most frameworks have existed."                         │
└──────────────────────────────────────────────────────────────────────────────┘

All tools and PoCs published here are intended for authorised security testing and research only.

Popular repositories Loading

  1. CVE-2026-31431-Copy-Fail---Vulnerability-Detection-Script CVE-2026-31431-Copy-Fail---Vulnerability-Detection-Script Public

    Detection Only.. working on an exploit PoC

    Shell 24 2

  2. DirtyFrag-Detector DirtyFrag-Detector Public

    CVE-2026-43284/CVE-2026-43500 'DirtyFrag' Benign patch & mitigation detection script

    Python 12

  3. M365-Scripts M365-Scripts Public

    Collection of scripts for testing M365 subscriptions

    Python 5

  4. MIFARE-Classic-Dump-Analyzer MIFARE-Classic-Dump-Analyzer Public

    This Python script analyzes .mfcdump files from Flipper Zero MIFARE Classic card reads, detects known keys, decodes access bits, reads accessible data blocks, and tries to identify the manufacturer…

    Python 5

  5. K8s-container_escape_audit K8s-container_escape_audit Public

    Look for possible escape vectors from a container

    Shell 5

  6. Snecky Snecky Public

    Tool to simplify detection and reporting or network protocols with weak configurations and output into a Nessus like format for import to reporting tools.

    Python 1