Projects

Software I have built and shipped: applications, APIs, defensive tooling, labs, and research artifacts. Each entry focuses on architecture and responsibility, not only a feature list.

Full-stack & applications

End-user or multi-service software with UI, API layer, and persistence.

RPS League App

React and Node.js with Prisma; SSE for live league state. Domains: matches, auth, sync, not only screens.

React Node Prisma SSE
GitHub

Accounting app

Local-first accounting workspace. Two React apps: Ledger (monthly income/expenses, custom columns, JSON export) and Debts (liability tracking, payment logs). Data stored in browser localStorage.

React Local-first Browser storage
GitHub

AI Systems & Backend Automation

Agentic workflows, analysis pipelines, and AI-assisted engineering tools.

Azure Optimizer

AI-assisted system for analyzing cloud infrastructure, detecting inefficiencies, and generating actionable cost and configuration optimizations.

Python AI-assisted Cloud
GitHub

Emma Voice Assistant

Lightweight Python voice assistant with conversational control, designed for fast interactions, command execution, and extensible AI-driven workflows.

Python Voice Workflows
GitHub

Secure analysis engine

Modular analysis engine for processing and evaluating input data (e.g., logs, traffic, or code), designed for extensible rule-based and automated inspection workflows.

Python Rule-based Inspection
GitHub

AI Insight Engine (private)

AI-driven backend system for ingesting structured and unstructured data, processing it through LLM pipelines, and producing evaluated, structured outputs. Emphasis on reliability, reproducibility, and system-level workflow design.

Python LLM pipelines Databases
GitHub

Backend & API projects

Integration layers and scripts where requests, responses, and errors are the product.

Network API toolkit

Utilities for composing API calls, handling failures, and making outputs reusable from the shell or other tools.

APIs Automation
GitHub

Security tooling

Defensive utilities and host-focused helpers: interfaces, config, and deliberate scope (including what the tool does not do).

Defensive security tools

Blue-team oriented scripts and utilities; trust boundaries and safe defaults documented.

Defensive Python
GitHub

Endpoint monitoring tools

Visibility and checks around endpoint signals; pair with lab validation.

Endpoint Monitoring
GitHub

Also in this bucket

  • Linux log analyzer: structured auth/system log triage patterns.
  • Windows security scanner: processes, persistence, connections, event log IOC-style checks.
  • Network scanner: host discovery and inventory on a subnet.
  • System monitoring scripts: disk, load, memory, service health.

Network lab tooling

  • ARP spoof detector, DNS spoofer (lab-only), packet sniffer, MAC changer: explicit lab scope and paired detection notes.

Offensive-capable lab code stays scoped to education and detection research; controls and mitigations are documented.

Detection & SIEM labs

Pipelines, rules, and validation, not a single alert screenshot.

SIEM detection lab

Rule design and event flow experiments against realistic noise and attack simulation.

SIEM Detection
GitHub

Elastic SIEM lab

Elastic-focused ingest, KQL, and correlation patterns tied to collected data.

Elastic KQL
GitHub

Network attack & detection lab

Network-layer scenarios with paired detection thinking: what shows up where, and what does not.

Network Lab
GitHub

Secure & systems programming labs

Exercises around memory safety, privilege, and platform behavior: small, verifiable scopes.

Secure programming labs

Language- and API-level security properties encoded as exercises and notes.

Secure coding
GitHub

Platform security labs

OS and platform hardening or abuse-surface experiments with clear assumptions.

Platform
GitHub

Browser extensions

Thin clients that reduce context switching; permissions and what leaves the browser are explicit.

Windows Security Event Log lookup

Faster Event ID context during log review.

Windows SOC
GitHub

Security research & contributions

Bug bounty PoCs, malware notes, OSINT reporting: sanitized, scoped, and evidence-led.

Additional research & operations

Heavier analysis and community-facing work that does not live in a single repo.

Discord malware analysis: EclipseOfLegends

Comprehensive analysis of malicious behavior in files shared via Discord.

  • Identified privilege escalation risks with elevate.exe.
  • Analyzed .asar files for potential tampering in Electron-based applications.
  • Detected persistence mechanisms in installer-like executables.

Tools used: YARA, ProcMon, capa.

Hybrid Analysis report

Sample hash: df46dbe66498cd0d9ea8cc62c693172943bc91ff200c06617aa1f5503dae7976

  • Network activity: No significant DNS requests or HTTP connections observed.
  • File system modifications: No notable files extracted or modified.
  • Process activity: RCC.exe (PID: 3320) associated with the sample.
  • Extracted strings: Useful for investigation and detection rule creation.

Full Hybrid Analysis report

Content monitoring and abuse reporting (OSINT)

Open-source intelligence work to identify sites and communities violating platform policies or legal norms.

  • Flagged and reported 160+ websites and multiple Discord servers to providers.
  • Submitted evidence via hosting and registrar abuse channels.
  • Produced intelligence summaries for stakeholders when appropriate.
  • Tools used: WHOIS, domain intelligence, reporting platforms (AbuseIPDB, registrar portals).

Twitch moderation and regex development

Built moderation regex to filter spam, malicious links, and abusive content across multiple streams.

Example pattern (shortened for display; full pattern lives in repo/writeup):

(?i)(^(best|b\se\ss\st) (viewers|v\si\se\sw\se\sr\ss) (on|o\s))...

These rules reduced manual interventions and improved real-time enforcement of chat guidelines.