I design, build, test, secure, and ship production-grade security tools, automation platforms, and commercial SaaS products — entirely self-directed, without a formal engineering mandate.
By day I work in IT & Self-Assessment at Red Parrot Accounting (UK). In practice I've shipped 10+ tools that didn't exist before I built them: from SOC 2 compliance platforms to Active Directory attack detectors to TLS fingerprinting tools written in Go.
My degree is in Business Management, not CS — everything technical is self-taught. I approach security from both sides: I build the attack demo and the detector. I write 1,600+ tests because I hold myself to a standard nobody asked for.
- Built 6 security tools covering AD, TLS, IOCs, backups, and compliance
- 90% backend test coverage on GhostBackup (744+ tests)
- Zero-dependency architecture wherever the stdlib is sufficient
- Documents limitations honestly — before you find out yourself
Languages
Backend & Data
Frontend & Desktop
Security & DevOps
|
ComplianceGuard SOC 2 compliance automation platform. Runs as Electron desktop app or self-hosted web app. Scores against 29 SOC 2 controls, generates PDF reports, Ed25519 offline licensing.
|
GhostBackup AES-256-GCM streaming encryption, per-file nonce, HKDF salt, dual-SSD redundancy, delta detection, 7-year retention, xxhash integrity, React dashboard.
|
|
PhantomEye Zero-dependency threat intelligence. 8 IOC feeds, 40,000+ indicators, O(1) lookup, firewall log scanning, DNS cache analysis, IP geolocation. CodeQL on every push.
|
GhostSecure Real-time Active Directory attack detection. 7 detectors: Kerberoasting, Pass-the-Hash, DCSync, Golden Ticket, LDAP Recon, AS-REP Roasting, Skeleton Key. Runs as Windows Service.
|
|
ViperFin JA3/JA3S TLS fingerprinting in Go. Parses raw ClientHello from the wire. 22-signature threat database: Cobalt Strike, Emotet, TrickBot. GREASE filtering per RFC 8701.
|
VaultSentry Backup integrity monitoring. SHA-256 baseline hashing, Shannon entropy ransomware detection, snapshot diffing, restore engine, daily HTML digest email, dark-mode GUI.
|
|
Accounting Automation Platform (UK Accounting Firm) Multi-module internal web platform: AI-powered bank statement converter (PDF→Excel), HMRC letter interpreter, holiday tracker with approval workflows, staff operations dashboard.
|
Win32 Keylogger/Detector (Educational) Dual-program demo: 10 Win32 APIs for keyboard capture (attacker perspective) + companion detector showing how AV/EDR tools detect the technique (defender perspective). Cross-compiled from Kali Linux.
|
class Engineer:
def __init__(self):
self.tests = "if it's not tested, it's not done"
self.docs = "document limitations before users find them"
self.security = "build the attack to understand the defense"
self.execution = "don't wait for a mandate — identify the risk, ship the fix"
self.deps = "stdlib first; every dependency is a supply chain decision"- Hardening Electron apps against modern attack surfaces (process isolation, CSP, update signing)
- Building offline-first cryptographic licensing systems that don't phone home
- Porting Windows-first security tools to macOS and Linux without losing native depth
- Open-core SaaS pricing models for security tooling — where the line between free and paid actually sits
- How EDR/XDR products detect the techniques I build demos for
For serious inquiries, reach out via GitHub or email.