F1App is a web application built with React that provides information about the current Formula 1 season. It allows users to view the race schedule, countdown to upcoming races, and see key race results.
Readr is a lightweight browser-based tool for tracking your reading progress. Built with vanilla JS, HTML, and CSS, it lets you add, edit, and remove books, track completion, and backup or import logs via JSON with data saved locally in localStorage.
All test files for CodeQL queries along with the CodeQL database.
DISM Final Year Project, Security Software Tool Development, CodeQL Scanner
I built this end-to-end DevSecOps pipeline to demonstrate how I’d run secure, observable, and automated software delivery in a real engineering organization — from commit to cloud, with zero secrets in version control and full compliance guardrails.
Testing CodeQL SQL injection queries
React application developed for the Hybrid mobile applications class.
Detecting prototype pollution vulnerabilities in JavaScript using static analysis
Managing GitHub Advanced Security (GHAS) Controls at Scale
Generate CodeQL taint-tracking models for Go (along with tests) in a graphical UI
GitHub native DevSecOps CI/CD best practices include automated security testing, code analysis, and policy enforcement using GitHub Actions, coupled with secure IaC and container security measures. This entails managing secrets, enforcing access control, and implementing incident response and monitoring, all while fostering continuous learning.
Focus SAST scans (with CodeQL) on just the changed parts of your monorepo, split up as you define
tree-sitter grammar for the CodeQL language
A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.
Add a description, image, and links to the codeql topic page so that developers can more easily learn about it.
To associate your repository with the codeql topic, visit your repo's landing page and select "manage topics."