Portfolio
-
Zero-Trust Private Infrastructure with Tailscale, Caddy, and Layered Firewalls
A private cloud and homelab architecture using Tailscale, Caddy, private DNS, browser-trusted TLS, nftables, and DOCKER-USER filtering to keep internal services reachable to trusted devices only.
-
Deploying Local DNS Filtering with AdGuard Home and Docker Engine
A self-hosted DNS filtering setup built on Docker Engine with host networking for per-device query visibility, Tailscale peer routing for tailnet-wide filtering, and internal HTTPS through Nginx Proxy Manager backed by a private Root CA.
-
Building a Homelab with Tailscale, Docker, Local HTTPS, and a Private Root CA
A retired Dell OptiPlex turned into an always-on private homelab for remote LAN access, containerized services, reverse proxying, and trusted internal HTTPS.
-
Building Study Quiz: A Local-First Exam Prep App
Study Quiz is a browser-based study app I built to turn private question banks into active recall sessions. It imports JSON decks locally, tracks progress in the browser, reviews missed questions, and exports save states without uploading study material to a server.
-
Architecting a Custom Detection Engine with File Integrity and Security Event Monitoring
A custom application-layer detection engine with file integrity monitoring, security event logging, Zero Trust-protected testing, and Git-based deployment.
-
Securing My WordPress Site with Cloudflare, CSP, and Passkey Authentication
A WordPress hardening project that combines Cloudflare edge security, a custom security plugin, browser-enforced policies, reduced default exposure, and a passkey-only admin login.
-
Validating the vsftpd 2.3.4 Backdoor in an Isolated Lab
A mini lab that identifies vsftpd 2.3.4 through service enumeration, validates the known backdoor, and captures the FTP trigger packet in Wireshark.
-
Exploiting PHP CGI Argument Injection in an Isolated Lab
A web exploitation lab that enumerates an exposed service, validates PHP CGI argument injection, and analyzes the exploit request in Wireshark.
-
Marks & Spencer Cyberattack – Diamond Model Analysis
Analyzing the 2025 Marks & Spencer cyberattack using the Diamond Model, mapping identity-based intrusion techniques to MITRE ATT&CK and aligning remediation strategies with NIST controls.
-
Simulating ARP Spoofing with Mininet and Demonstrating Enterprise Mitigations
A networking security lab that simulates ARP spoofing in Mininet, analyzes packet captures in Wireshark, and demonstrates enterprise mitigations using DHCP Snooping and Dynamic ARP Inspection in Cisco Packet Tracer.
-
Deploying a Wazuh SIEM Lab for Endpoint Monitoring and Vulnerability Detection
A Wazuh SIEM lab used to monitor a Windows endpoint, detect vulnerabilities, investigate malware alerts, and configure automated email notifications.
-
OOP Football Score Simulator
An Object-Oriented Python project that simulates American football games. Each Team object tracks wins, losses, ties, and points, while games generate realistic scores (touchdowns, field goals, and PATs) and automatically update team records. Features Requirements How to Run