System online · Available for work
Securing the digital frontier, one vulnerability at a time.
Passionate cybersecurity professional with expertise in penetration testing,
security architecture, and incident response. I combine technical skills with
a deep understanding of threat landscapes to protect organizations from evolving cyber threats.
When I'm not hunting vulnerabilities, you'll find me contributing to open-source
security tools and sharing knowledge with the community.
Skill strength rated 1–5 across operational domains. Hover a row to inspect; values self-report and are kept current.
Contextual secret scanner: regex + entropy + LLM-grounded context filtering to cut false positives.
LLM jailbreak/prompt-injection benchmark: curated test corpus, deterministic scoring, LLM-as-judge evaluator.
Defender-side phishing-awareness training toolkit: 9-rule detector, difficulty grader, defanger, LLM analyst explainer, auth-gated lure generator.
Behavior-analytics insider threat detector: per-user profile, 8 signals, weighted aggregation, LLM-grounded explainer.
Read-only AWS VPC posture/baseline checker (boto3 + JSON loaders, 10 bundled rules, LLM explainer)
Hybrid (signatures + ML) DDoS classifier on NetFlow-style records, with LLM-grounded explanations.
HTTP WAF anomaly-detection layer: regex signatures + z-score/iForest/path-rarity, hybrid allow/log/challenge/block decision, LLM explainer
Risk-aware CVE triage: CVSS v3.1 + EPSS + CISA KEV + asset registry, with LLM explainer (citation-guarded)
Adversarial ML toolkit: vision+text attacks, input-space defenses, robustness benchmark, LLM explainer with citation guard
LLM-driven defensive recon orchestrator (nmap/http/ffuf) with hard scope and tool whitelists
Have a security challenge or want to collaborate? Reach out.