Demo API with async workflows, state transitions, eventual consistency, and fake detonation — built to test Burp Suite extensions. REST, GraphQL, XML. FastAPI.

Security audit for AI-built projects. 130+ checks across OWASP Top 10. Auto-detects stack, loads relevant checks, grades your project A-F with exact fixes.

Multi-user TCP chat server and client with authentication and ngrok tunneling for public access

Security-focused Python CLI for discovering likely routes, endpoints, and internal domains from HTML and JavaScript.

Read-only SaaS security assessment pipeline for commercial platforms, designed to preserve evidence provenance from collection through governance output.

A microservice implementing OWASP ASVA v.4 2.1.1 and 2.1.7 passwords-checks for length and commonality

My personal GitHub profile. Computer Engineer & Software Developer focusing on Flutter, Python, and Application Security (AppSec).

Security Mindset Blog

ASP.NET Core-aware logging methods on top of ByteGuard.SecurityLogger

This is the demo application of my talk "Defensive Coding Reloaded" held at the Securi-Tay 2022 conference in Dundee, Scotland.

ByteGuard Codex is an application security tool for managing OWASP ASVS-based standards and mapping them to your software projects.

Explainable phishing detection Chrome extension with AI-assisted reasoning

Penetration Tester at Check Point Software Technologies Ltd. - CEH Master, CCSM Elite, & Cybersecurity Expert

GraphQL-specific security scanner. Detects introspection exposure, field harvesting, depth/complexity attacks, batch abuse, and injection.

Serverless security scanning engine for AWS environments. Detects IAM privilege escalation, unauthenticated API exposure, and storage misconfigurations via active abuse simulation — not static checks.

Runtime WebView bridge enumeration & UA-surface inspection from a Web browser context.

Simple script to find secrets inside source code folders

Правила под анализатор semgrep для языка JAVA на базе OWASP TOP 10. Сборка кастомных конфигов обернутых в makefile для самостоятельного запуска.

Demonstration videos and presentation regarding the talk given at the VOXXED LU 2024 conference.

Cloud-focused SAST and DAST assessment of a containerized application, highlighting secure configuration, runtime risk, and remediation practices aligned with DevSecOps.