• TonghuaRoot.


  • OSCP
  • Cyber security enthusiast, not hacker. Focus on Cloud Security, Penetration testing.
  • Submitted multiple security vulnerabilities to many famous Internet companies such as Alibaba, Oracle,Baidu, NetEase, Jingdong, and Youxin.


  • Cloud Security
  • Penetration testing
  • Python
  • AWS


  • ReShellAAS : Reverse Shell as a Service
  • MiningGitlog : A script to mine email addresses in the Github repository
  • MagicHTTP : A tool for converting HTTP request messages into Python scripts
  • CSNotification : A Cobalt Strike Aggressor Script that adapts to common IM and beacon_initial for real-time notification
  • RTLab : A pseudo-random penetration testing environment with common vulnerabilities based on AWS CloudFormation.(Not open source yet, currently rewritten in Terraform)
  • RTIaC : Red Team infrastructure platform based on Terraform



  • Don’t need OSINT, you can get to know me as much as possible through this blog.