Skip to content
View heinricitorgau's full-sized avatar
5 followers · 3 following

Block or report heinricitorgau

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
heinricitorgau/README.md

Hi, I’m Gao En-Zai

CSIE Student | Cybersecurity Learning & Practice

Hi — I’m Gao En-Zai, a CSIE undergraduate student learning cybersecurity through hands-on practice.

I focus on understanding how common attacks work in a controlled environment and how basic defensive techniques can be applied.
Most of my projects are built as learning labs using Kali Linux and VirtualBox, mainly for study, documentation, and self-practice.

“Build to understand, not to exploit.”

Featured Project

Offense-to-Defense: A Kali Linux Guide to Reverse Shells and Backdoors

A beginner-friendly lab that demonstrates how reverse shells and simple backdoors work, with notes on what defenders might observe.

Quick Start

  1. Clone the repository
  2. Run setup_lab.sh in a virtual machine
  3. Follow the guide step by step

Learning Interests

  • Basic ethical hacking concepts
  • Reverse shells and simple backdoor behavior
  • Introductory C2 communication models
  • Anonymity tools (Tor, SOCKS5) basics
  • Secure coding awareness and vulnerability fixing

Ethics & Legal Notice

All projects are for educational purposes only.
Only test systems you own or have explicit permission to use.

Tools & Environment

Python · Bash · Linux (Kali, Debian) · VirtualBox
Wireshark · Tor · Apache2

Current Learning Goals

  • Strengthen Linux and networking fundamentals
  • Improve lab documentation and clarity
  • Learn how basic attack behaviors are detected

Practice Projects

  • Simple C2 Simulation — socket-based client/server practice
  • Tor IP Rotation Script — ControlPort automation exercise
  • RailsGoat Practice Notes — OWASP Top 10 learning records
  • Fake Wi-Fi Demo Lab — awareness lab for rogue AP risks

License

All repositories are released under the MIT License.

Contact

Hsinchu, Taiwan
ek2412045@gmail.com
GitHub: https://github.com/heinricitorgau

Popular repositories Loading

  1. Offense-to-Defense-A-Kali-Linux-Guide-to-Reverse-Shells-and-Backdoors Offense-to-Defense-A-Kali-Linux-Guide-to-Reverse-Shells-and-Backdoors Public

    Demonstrates a full penetration workflow on a lab target: scanning, exploitation, reverse shell establishment, privilege escalation, and defensive validation.

    Shell 1

  2. heinricitorgau heinricitorgau Public

  3. Implementation-of-Fake-Wi-Fi-Hotspot-and-Phishing-Login-Page-Attack Implementation-of-Fake-Wi-Fi-Hotspot-and-Phishing-Login-Page-Attack Public

    Simulates a rogue Wi-Fi access point and a phishing login portal in an isolated lab to demonstrate credential-theft risks and to teach user awareness.

    HTML

  4. Development-of-a-Dynamic-Identity-Hiding-System-Combining-Tor-and-SOCKS5-Proxy Development-of-a-Dynamic-Identity-Hiding-System-Combining-Tor-and-SOCKS5-Proxy Public

    Demonstrates a full penetration workflow on a lab target: scanning, exploitation, reverse shell establishment, privilege escalation, and defensive validation.

    Python

  5. Experimental-C2-Architecture-and-Cyber-Defense-Analysis Experimental-C2-Architecture-and-Cyber-Defense-Analysis Public

    Builds a simplified Command & Control (C2) prototype to study remote command execution and file transfer patterns, while exploring detection strategies from a defensive perspective.

    Python

  6. Web-Vulnerability-Attack-Defense-and-Patch-Experimentation-on-the-RailsGoat-Application Web-Vulnerability-Attack-Defense-and-Patch-Experimentation-on-the-RailsGoat-Application Public

    Reproduces SQL Injection and Stored XSS vulnerabilities in the RailsGoat application and demonstrates secure patching and verification techniques.

    Shell