Portfolio
Build and break with the same discipline, documented to a standard a reviewer can audit. Two living platform builds, two complete offensive/research works, applied-ML security research, and ongoing methodology-first CTF practice.
Hardened Fedora workstation built to a defence-in-depth threat model: LUKS2 full-disk encryption unlocked by a FIDO2 hardware key, remote pre-boot SSH unlock, and all DNS filtered before it leaves the host.
GrapheneOS mobile platform on a Pixel 10 Pro Fold: nine independently encrypted user profiles as compartmentalised trust boundaries, verified boot from a hardware root of trust, per-app network policy.
Grey-box penetration test of an Apache 2.4.58 host, run from a self-hardened PostgreSQL server built to CIS Level 1. PTES-aligned methodology with findings mapped to CWE, CIS, and ISO/IEC 27002.
Applied ML research with a security-relevant method: leakage-free image classification under class imbalance — the same discipline that governs rare-attack-class detection in intrusion detection pipelines.
Dissertation research: can frontier LLMs reason causally about social engineering, or only pattern-match its surface? Causal-discovery DAGs validated with DoWhy refutation, four frontier models benchmarked against them.
Methodology-first CTF practice on TryHackMe and HackTheBox: structured entries covering reconnaissance to root, with failure paths documented and every technique mapped to MITRE ATT&CK.