Portfolio

MITRE eCTF 2026 β€” Bare-Metal HSM Firmware (NeuSense)
β˜… Featured

Hardware Security / Embedded Systems

MITRE eCTF 2026 β€” Bare-Metal HSM Firmware (NeuSense)

Led Northeastern's NEU-1 team building a Hardware Security Module from scratch in C on the TI MSPM0L2228 (ARM Cortex-M0+). Designed and implemented AES-CBC-256 via AESADV hardware peripheral (DMA-driven), HMAC-SHA256, a 3-tier HKDF key hierarchy (ROOT_SEED→DEVICE_SEED→ENC_SEED/SESSION_SEED), PIN rate limiting, fail-closed permission model, and a secure flash filesystem — all without an OS.

View case study
NyxKernel β€” Personal Brand Website & YouTube Channel

Personal Brand / Frontend Development

NyxKernel β€” Personal Brand Website & YouTube Channel

Designed and built a full personal brand system β€” a glassmorphic React/HTML portfolio site with a dark futuristic aesthetic, an HTML5 Canvas YouTube channel intro animation, and the NyxKernel brand identity targeting the offensive security education space.

View project
Opus β€” Personal Creator Platform (Writing Β· Books Β· Work)

Full-Stack Development / Creator Platform

Opus β€” Personal Creator Platform (Writing Β· Books Β· Work)

A personal creator platform β€” "collected works" β€” bringing writing, books, and project portfolio under one bright, editorial web experience. Built on Next.js 15 with a file-based MDX content model and TinaCMS for online editing, deployed on Vercel.

View project
Talon β€” Local-First Bug Bounty Workspace

Security Tooling / Web Application

Talon β€” Local-First Bug Bounty Workspace

A local-first workspace for bug bounty hunters β€” manage programs, scopes, targets, and findings entirely in the browser with no backend. Built with Next.js and Dexie (IndexedDB) so all recon data stays on your machine.

View project
Mockingbird β€” Plug-and-Play Honeypot & Canary Device

Deception Technology / IoT Security

Mockingbird β€” Plug-and-Play Honeypot & Canary Device

A plug-and-play deception device that drops onto any network and impersonates real services to catch intruders early. A FastAPI detection engine runs on a Raspberry Pi and streams alerts to a Next.js dashboard.

View project
MQTT Denial-of-Service Attack β€” Mosquitto Broker on Raspberry Pi 4

Network Security / IoT Attack Research

MQTT Denial-of-Service Attack β€” Mosquitto Broker on Raspberry Pi 4

Designed and executed a three-vector Denial-of-Service attack against a live Mosquitto MQTT broker on a Raspberry Pi 4 using Python scripts. Attack drove broker RAM from 600MB to 8GB, network traffic from under 1 Mbit/s to 600–700 Mbit/s, and caused a full broker outage lasting ~49 minutes.

View project
Snort IDS/IPS Lab β€” CVE Detection, PCAP Analysis & Reverse Shell Detection

Network Security / Intrusion Detection

Snort IDS/IPS Lab β€” CVE Detection, PCAP Analysis & Reverse Shell Detection

Deployed and configured Snort in both detection (IDS) and inline prevention (IPS/NFQUEUE) modes. Wrote custom rules detecting SQL injection, CVE-2021-26855 (ProxyLogon), CVE-2022-1388 (F5 BIG-IP RCE), and CVE-2018-7600 (Drupalgeddon 2). Performed forensic PCAP analysis and reverse shell traffic detection.

View project
BD Alaris 8015 β€” Medical Device Vulnerability Analysis (CVE-2016-9355)

Medical Device Security / Vulnerability Research

BD Alaris 8015 β€” Medical Device Vulnerability Analysis (CVE-2016-9355)

Graduate security research project analyzing CVE-2016-9355 on the BD Alaris 8015 infusion pump. Delivered a complete vulnerability package including STRIDE threat model, DFD diagrams, CVSS v3.1 scoring, exploit chain documentation, and a confirmed new finding β€” CWE-798 hardcoded default credentials.

View project
Bounty Hawk (Automated Reconnaissance Framework)

Cybersecurity Project

Bounty Hawk (Automated Reconnaissance Framework)

This lightweight framework is designed to streamline and expedite the reconnaissance phase of penetration testing, saving valuable time and enhancing efficiency.

View project
Aviary β€” Recon Tooling Cockpit (Run Any Bug-Bounty Tool)

Security Tooling / Recon Automation

Aviary β€” Recon Tooling Cockpit (Run Any Bug-Bounty Tool)

A local cockpit that makes the entire awesome-bugbounty-tools list runnable from one UI. A Next.js front end drives a FastAPI backend that executes each tool in its own Docker container, streaming live output over SSE β€” 407 tools runnable via curated launchers plus language-aware auto-generated recipes.

View project
Java Full-Stack CMS β€” Polyglot Content Platform (SQL + MongoDB)

Full-Stack Development / Java

Java Full-Stack CMS β€” Polyglot Content Platform (SQL + MongoDB)

A full-stack content management system built with Java and Spring Boot using polyglot persistence β€” a relational SQL database for structured, transactional data (users, roles, permissions, audit logs) and MongoDB for flexible, schema-less content (pages, posts, media metadata) β€” unified behind one secure REST API.

View project
Phoenix Cyber Club

Cyber Security

Phoenix Cyber Club

Phoenix Cyber Club excels in cybersecurity through expert-led workshops, hands-on projects, and cutting-edge tools, fostering skill development and innovation. Our active engagement in bug bounty programs and competitions enhances real-world experience and community networking.

View project
ICSTCEE(International Conference on Smart Technologies in Computing, Electrical and Electronics)

Web Application Development for Event Management

ICSTCEE(International Conference on Smart Technologies in Computing, Electrical and Electronics)

This registration website project allows attendees to easily register for the 2023 4th International Conference on Smart Technologies in Computing, Electrical, and Electronics (ICSTCEE 2023) at REVA University, providing a seamless user experience for managing participant details and event schedules..

View project
Upcoming
Wraith C2 β€” Modular Red Team Command & Control

Red Team Tooling / Command & Control

Wraith C2 β€” Modular Red Team Command & Control

A modular command-and-control framework for authorized red team engagements β€” lightweight cross-platform implants, encrypted comms, and a pluggable transport layer. Currently in early design.

View project
Upcoming
FaultLine β€” Coverage-Guided Firmware Fuzzing Harness

Exploit Development / Fuzzing

FaultLine β€” Coverage-Guided Firmware Fuzzing Harness

A coverage-guided fuzzing harness for embedded ARM firmware, building directly on the bare-metal HSM work from MITRE eCTF. Aims to surface memory-safety and protocol bugs in Cortex-M targets. Planned.

View project
Upcoming
Sentinel β€” eBPF Runtime Threat Sensor for Linux

Detection Engineering / eBPF

Sentinel β€” eBPF Runtime Threat Sensor for Linux

A lightweight eBPF-based runtime sensor for Linux that observes syscalls, process lineage, and network activity to flag suspicious behavior with minimal overhead. Early prototype stage.

View project

See my CV

GitHub Activity

GitHub Contributions

Β 
GitHub 3D contribution graph

Interacted Technologies

Adobe PhotoshopSince 2019

BootstrapSince 2020

CanvaSince 2019

CSS3Since 2017

FigmaSince 2023

CopilotSince 2023

GITSince 2019

GITHUBSince 2020

Github ActionsSince 2023

Github PagesSince 2020

Gnu BashSince 2016

Google Tag ManagerSince 2024

HTML5Since 2017

JavascriptSince 2018

LinuxSince 2015

CSince 2020

PythonSince 2020

C++Since 2022

NPMSince 2023

MatlabSince 2025

Hugging faceSince 2025

TensorFlowSince 2025

MarkdownSince 2023

MDXSince 2023

MS ExcelSince 2014

MS PowerPointSince 2014

MS WordSince 2014

NetlifySince 2022

Next JSSince 2023

PrettierSince 2019

ReactSince 2022

SoliditySince 2024

Sublime TextSince 2017

Tailwind CSSSince 2023

CloudflareSince 2021

TypescriptSince 2023

VercelSince 2023

Visual Studio CodeSince 2017

WordPressSince 2020

JSONSince 2020

XAMPPSince 2020

YarnSince 2024