Skip to content
@Uniao-Geek

União Geek

README.md
Typing SVG

Website Blog Instagram Facebook Email


20+ Years 500+ Projects 5300+ Students


🇧🇷 Versão em Português  |  🇺🇸 English version below

Cybersecurity Consulting & TrainingOT/ICS/SCADA/IoTOffensive & Defensive SecurityBrazil 🇧🇷

+20 years protecting critical infrastructure — from shop floor to cloud.

🎯 About União Geek

União Geek is a Brazilian cybersecurity company founded by André Henrique (@mrhenrike), specializing in end-to-end security across all technology domains — from industrial control systems to enterprise IT.

We help organizations prevent, detect, and respond to cyber threats through consulting, penetration testing, hands-on training, and purpose-built open-source tooling.

🔬 Specialties

🔴 Offensive Security

  • Web Application Pentesting
  • Mobile Security (Android/iOS)
  • Network & Infrastructure Hacking
  • WiFi & Wireless Security
  • Social Engineering & Phishing
  • Code Review & SAST

🔵 Defensive Security

  • SIEM · SOAR · XDR · MDR
  • SOC Operations & Threat Hunting
  • Incident Response (IR)
  • NIST-CSF & MITRE ATT&CK Implementation
  • Vulnerability Management (Tenable, Nessus)
  • EDR & Endpoint Protection

🏭 OT / ICS / SCADA Security

  • Industrial Security Assessment
  • Protocol Analysis (Modbus, DNP3, OPC, PROFINET)
  • ISA/IEC 62443 Compliance
  • GRFICS Lab Environment
  • Nozomi Networks (NNCE Certified)
  • PLC/HMI Security Evaluation

📡 IoT & IIoT Security

  • Embedded Device Security
  • Firmware Analysis & Reverse Engineering
  • Wireless Protocol Security (Zigbee, Z-Wave, BLE)
  • Hardware Hacking
  • SCADA/IoT Integration Risk Assessment
  • Smart Grid & Critical Infrastructure

☁️ DevSecOps

  • Secure SDLC Integration
  • CI/CD Pipeline Security
  • Container & Kubernetes Security
  • LGPD · GDPR · ISO 27001 Compliance
  • Infrastructure as Code Security
  • Cloud Security (AWS, Azure, GCP)

🎓 Training & Education

  • Academic OT/ICS/SCADA Courses
  • Udemy: Wi-Fi Hacking, Social Engineering
  • Corporate Workshops & Bootcamps
  • MindTheSec · BSides · H2HC · RoadSec · FLISOL
  • Mentoring — Career in Cybersecurity
  • 5,300+ students trained

🚀 Open-Source Arsenal

🔴 Offensive Security — XPL-Forge Suite

Modular offensive frameworks for embedded, printer, wireless and (soon) perimeter ecosystems — by @mrhenrike.

🛰️ EmbedXPL-Forge

Embedded Device Security Assessment Framework

  • 700+ modules · 350 CVEs · 55 vendors
  • Routers, IP cameras, GPON ONTs, ISP CPEs, IoT edge
  • APT Group Engine (APT28, dns-hijack chains, MikroTik, TP-Link)
  • pip install embedxpl

Stars Forks

🖨️ PrinterXPL-Forge

Complete printer penetration testing toolkit

  • 109 commands across PJL, PostScript & PCL
  • 4 network protocols, SNMP automated discovery
  • File exfiltration, NVRAM access & attack payloads
  • Modern Python 3.8+ offensive security tool

Stars Forks

📡 WirelessXPL-Forge

Wireless attack surface & lab orchestration

  • Wi-Fi, BLE, AWDL, rogue AP, mesh, Bruce wardriving
  • PCAP analysis, scapy pipelines, red-team workflows
  • pip install wirelessxpl · BSD-3-Clause

Stars Forks

🗡️ MikrotikAPI-BF

RouterOS Attack & Exploitation Framework — v3.5.4

  • 40 CVE/EDB exploits, Chimay-Red, Winbox
  • MAC-Server L2, credential decoder, NPK analyzer
  • 300-thread brute force, Nmap NSE auto-install
  • CVE scanner · pip package

Stars Forks

🔤 WordListsForHacking

Most comprehensive wordlist toolkit for pentest & red team

  • 25 subcommands: charset, profile, corp-users, default-creds, password-DNA
  • DNS fuzzing, web scraping, ISP keygen, ICS/SCADA creds
  • ML training, pipal analysis · pip install wfh-wordlist

Stars Forks

🔬 Embedded-Firmware-Research

IoT Firmware Security Research

  • Forensic analysis & vulnerability hunting
  • PoC development & responsible disclosure
  • Smart TVs, NVRs, cameras, routers firmware

Stars

🔵 Defensive / Blue Team

🛡️ WinRM-Log-Collector

Enhanced PowerShell for Windows log collection via WEC

  • HTTP/HTTPS WinRM listener configuration
  • Firewall & certificate management
  • Blue team / SOC ready · SIEM integration

Stars Forks

🏗️ SOC-Detection-Lab

Modern cybersecurity detection laboratory

  • Threat hunting & adversary simulation
  • Blue team training environment
  • Hands-on SOC exercises · MITRE ATT&CK

Stars Docs

🏭 OT / ICS / SCADA

GRIDSTRIKE

The World's Largest Open-Source OT/ICS/SCADA Security Arsenal

  • Critical infrastructure attack & defense
  • Honeypots, PLC/HMI assessment, Modbus/DNP3
  • PCAP analysis & industrial protocol research

Stars

⚙️ Modbus-Process-Simulator

Java MODBUS Protocol Slave Simulator for OT/ICS testing

  • Industrial control system security validation
  • ICS/SCADA security research lab
  • Evolution of ModbusPal Enhanced

Stars

🌿 VirtualPlants-For-OT

Virtual industrial plant simulation for OT security

  • Realistic process simulation for lab environments
  • Security testing without physical infrastructure

Stars

🤖 AI / Anti-Fraud

🔍 InvestigaPraMim

Anti-fraud platform for PIX, boletos, e-mails, SMS & links

  • Internal AI/ML engine + DICT/BCB pool integration
  • OCR, fraud detection, FastAPI backend
  • Brazilian financial ecosystem focused

Stars

🌩️ tupan-ai

Tupan AI — Brazilian anti-fraud intelligence system

  • REST API + A2A Protocol
  • 20 acoustic algorithms · AI image detection
  • FraudPalace semantic engine

Stars

📱 DeuLeak

União Geek institutional mobile app (DeuLeak)

  • Expo/React Native cross-platform
  • Data breach awareness & notification

Stars

📲 investigapramim-mobile

Official InvestigaPraMim mobile app

  • React Native / Expo
  • On-device fraud consultation

Stars

🏅 Team Certifications

OSCP GICSP GRID CEH CompTIA ISA62443 NNCE RSA Tenable Microsoft LPIC Securonix

45+ additional certifications including LGPD, GDPR, ESG, ISO 27001, Sophos EDR, Microsoft SC-200 and more

🏗️ SaaS Platforms

✍️ SignFlow

Digital document signing with legal validity

  • A1 certificate support · PDF digital signatures
  • Identity verification & audit trails
  • Secure document workflow & compliance

🔍 LGPD-Radar

Automated LGPD compliance scanner

  • WebApp & API privacy risk assessment
  • Automated compliance checking
  • Actionable remediation reports

🕵️ InvestigaPraMim

Anti-fraud consultation platform

  • PIX · Boleto · E-mail · SMS · Link verification
  • AI/ML internal engine + BCB/DICT integration
  • Mobile app available (iOS & Android)

🌩️ Tupan AI

Brazilian anti-fraud intelligence API

  • 20 acoustic algorithms for voice fraud
  • AI image detection & deepfake analysis
  • FraudPalace semantic knowledge engine

👥 Team
mrhenrike André Henrique@mrhenrike
LinkedIn X		 Co-Founder & Lead Hacker · Ethical Hacker & OT Security Expert · Cybersecurity Advisor @ VisionCybersecurity · OSCP · GICSP · GRID · 45+ certs · 8th BlackHat CTF 2018
bhrandon Bhrandon Borges@bhrandon
LinkedIn		 Co-Founder & Cyber Expert · SIEM Expert & PHP Developer · Cyber Security Tech Leader @ ISH Tecnologia · MDR Tech Leader · SIEM Specialist · 2x Pós-Graduação · Projeto LINCE

🤝 Partners

NeflinSEC

📊 GitHub Analytics Dashboard

🏆 Lead Contributor Stats

GitHub Stats GitHub Trophies

⚡ Contribution Graph

Activity Graph

🌊 Activity Heatmap

github contribution grid snake animation

Legal notice / aviso legal

This organization's public repositories and profile materials are shared for education, research, and explicitly authorized security work. No warranty of any kind; no liability for misuse, damages, or third-party claims — use at your own risk. Preserve copyright and attribution to original authors; issues and pull requests are welcome. Each repository's LICENSE file applies to that repository's contents.

Os repositórios públicos e materiais de perfil são compartilhados para educação, pesquisa e trabalho de segurança autorizado. Sem garantias; sem responsabilidade por uso indevido, danos ou reclamações de terceiros — uso por sua conta e risco. Mantenha créditos e atribuição; issues e pull requests são bem-vindos. O ficheiro LICENSE de cada repositório rege esse conteúdo.

For authorized security testing and educational purposes only.

© 2026 União Geek • Cybersecurity Consulting & Training from Brazil 🇧🇷

Popular repositories Loading

  1. WinRM-Log-Collector WinRM-Log-Collector Public

    🚀 Enhanced PowerShell script for configuring Windows Remote Management (WinRM) for log collection via Windows Event Collector (WEC). Supports HTTP/HTTPS listeners with comprehensive security featur…

    PowerShell 3

  2. SOC-Detection-Lab SOC-Detection-Lab Public

    A modern cybersecurity detection laboratory for threat hunting, adversary simulation, and SOC training

    HTML

  3. .github .github Public

Repositories

Showing 3 of 3 repositories

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Top languages

Loading…

Most used topics

Loading…