My name is Itzik Kotler and I’m the Co-Founder and Chief Technology Officer of SafeBreach. I live in Mountain View, California, with my wife Dana, and our children, Maya and Adam. I have a passion for offensive security and solving hard problems. In my free time, I enjoy playing my electric bass guitar and appreciating Scotch Whiskies.

Sometimes I blog here. Follow me on Twitter @itzikkotler


Selected Projects:

  • Hackersh is a free and open source shell (command interpreter) written in Python with Pythonect-like syntax, builtin security commands, and out of the box wrappers for various security tools. It is like Unix pipeline, but for processing security information and metadata rather than bytes. Hackersh is written in Python, and is available under the GPL version 2 or later version. Hackersh is referenced in the Anti-Hacker Tool Kit, Fourth Edition

  • Pythonect is a new, experimental, general-purpose dataflow programming language based on Python. It provides both a visual programming language and a text-based scripting language. The text-based scripting language aims to combine the quick and intuitive feel of shell scripting, with the power of Python. The visual programming language is based on the idea of a diagram with “boxes and arrows”.

  • Pytroj is a proof of concept malware that infects Python compiled files (*.pyc). It searches for Python compiled files in a directory and injects itself and a payload into them. Pytroj is written in Python, and is available under the LGPL license v2.1 or later. Symantec posted a blog entry on Pytroj named “This Python Has Venom!”

  • Moshi Moshi is a proof of concept bot that communicates over VoIP. It dial out using SIP protocol and uses DTMF tones as an input and voice (i.e. text-to-speech) as an output. Moshi Moshi is written in Python, and is available under the GPL v3 license. Moshi Moshi has been reviewed and discussed in Chapter 8 of the Unified Communications Forensics: Anatomy of Common UC Attacks

  • IPPON is a tool that uses several techniques of update-exploitation attacks which leverages a man-in-the-middle attack, to build and inject a fake update reply or hijack an on-going update session. IPPON is written in Python, and is available under the GPL v3 license. IPPON has been reviewed and discussed in Chapter 5 of the Hacking Exposed Wireless, Second Edition book

More …


I love presenting my research, meeting new people, and traveling to different places:














I’ve written a lot of different things over the years, from technical articles to blog posts to :

2015 - …

2012 - 2013





  • “Shellcodes Evolution” in Hakin9 Magazine, Issue 1 (January)




I love to volunteer and give back to the community. Very proud to be part of the following: