Skip to content
View maycon's full-sized avatar
131 followers · 18 following

Achievements

Achievement: QuickdrawAchievement: YOLOAchievement: Public SponsorAchievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Achievements

Achievement: QuickdrawAchievement: YOLOAchievement: Public SponsorAchievement: Pull Sharkx2Achievement: Arctic Code Vault Contributor

Block or report maycon

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
maycon/README.md

👋 Hi, I’m Maycon Maia Vitali (aka Hack N' Roll)

Security Engineer & Offensive Researcher
Hack The Planet — responsibly 🧠💥

🚀 About Me

I’m a passionate security engineer and offensive researcher focused on real-world abuse cases, vulnerability research, security tooling, and automation.
I enjoy breaking systems to make them safer and building tools that help the community advance.
My work spans from race condition exploitation frameworks to mobile and cloud security automation.

🛠️ Core Focus

Security & Offensive

  • AppSec / Offensive research
  • Race condition PoCs & frameworks
  • Mobile (Android) security & reverse engineering
  • HTTP/2 abuse, timing attacks

Languages & Tools

  • Python • Go • Rust • Bash
  • Burp Suite • Frida • mitmproxy
  • Docker • Kubernetes • AWS • GitHub Actions

📌 Featured Work

I maintain a range of projects focused on offensive tooling, automation, and security research, including:

  • 🔥 TRECO — Tactical race condition exploitation framework
  • 🧰 Security automation for compliance & ops
  • 📱 Android security utilities

🎤 Talks & Community

I’ve shared research and tooling at community events, focusing on:

  • Race condition exploitation in APIs
  • Offensive AppSec challenges
  • Practical security tooling workflows

☕ Support My Work

If my tools, research, or talks helped you, consider supporting my work:

You can also Sponsor me on GitHub 💙 to support open-source security development.

📫 Connect With Me

Pinned Loading

  1. TRECO TRECO Public

    Tactical Race Exploitation & Concurrency Orchestrator

    Python 26 2

  2. bf-md5-collision bf-md5-collision Public

    🧠 Brainfuck MD5 Collision Challenge

    Python 1 1

  3. racing-bank racing-bank Public

    🏦 Hack N Roll Racing Bank

    Kotlin 2

  4. bankao-api bankao-api Public

    A deliberately vulnerable banking API built with FastAPI to demonstrate race condition vulnerabilities in concurrent systems.

    Python 1

  5. uuid-decoder uuid-decoder Public

    Decodes UUIDs versions 1-8 showing all fields as specified in RFC 9562

    Python 1

  6. talks talks Public

    CSS 11 1