Work archive

Investigations, systems, and experiments.

Selected work across applied cryptography, system security, AI-assisted defense, and secure software engineering.

open-sourceRepository

AgentKit SEO

I worked on the context-routing and export layer for a portable agent-skill bundle used across Codex, Claude Code, Gemini CLI, Antigravity, and OpenCode. The project reached 1,200+ npm downloads in its first 30 days and treats verified facts, constraints, and evidence labels as first-class agent inputs.

Open to view full write-up and README details

agent skillscontext engineeringCodexClaude CodeGemini CLIOpenCodeAstronpm

Repository preview

AgentKit SEO multi-provider agent skill framework preview
researchRepository

AI-Driven Threat Detection

I designed and benchmarked a multi-model defense pipeline across network-flow classification, malware API-sequence analysis, unsupervised intrusion detection, and Bash command tactic attribution. Reported experiments include 98.1% malware accuracy, 97.5% network-flow accuracy, and 95% anomaly precision.

Open to view full write-up and README details

MLPyTorchBERTUniXcoderGNNanomaly detectionmalware detection

Repository preview

AI-Driven Threat Detection GitHub repository preview
researchRepository

ARIA - Forensics Agent

I built an investigation workflow where AI-generated output must pass evidence-grounded checks before acceptance. The project emphasizes hallucination resistance, adversarial prompt robustness, and reproducible validation logic for forensic tasks.

Open to view full write-up and README details

AIforensicsadversarialgamehallucination defenseevidence validation

Repository preview

ARIA - Forensics Agent GitHub repository preview
researchRepository

Equivocal Behaviour Tool Thesis

I designed a multithreaded Python CLI that integrates Hybrid Analysis, VirusTotal, and ANY.RUN, then mapped 12 Equivocal Software Behaviours from 60 MITRE ATT&CK Enterprise techniques. The thesis analyzed 36 SourceForge goodware binaries and was published on Zenodo.

Open to view full write-up and README details

malware analysissupply chain securityMITRE ATT&CKsandboxingVirusTotalANY.RUNPython

Repository preview

Equivocal Behaviour Tool Thesis GitHub repository preview
courseworkRepository

SoftEther VPN Guardian

I designed and compared IPSec and TLS VPN topologies in GNS3 using Cisco routers and Dockerized endpoints, then verified IKE/ESP security associations, TLS handshakes, NAT traversal, SecureNAT assignment, and protocol trade-offs with Wireshark and SoftEther logs.

Open to view full write-up and README details

VPNGNS3WiresharkIPSecTLSDockernetwork forensics

Repository preview

SoftEther VPN Guardian GitHub repository preview
courseworkRepository

Wireless Security Labs

I processed Android GNSS measurements for pseudorange and spoofing analysis, then ran WiFi goodput experiments with iperf, tcpdump, and Wireshark across Ethernet, WiFi, and mixed scenarios with repeated min/max/average/std-dev reporting.

Open to view full write-up and README details

wireless securityGNSSspoofing detectionMATLABWiresharkiperfAndroid

Repository preview

Wireless Security Labs GitHub repository preview