Projects
Security tools, forensic investigations, and research projects built from the ground up.
Nether's Gate
Custom C/C++ malware framework implementing shellcode encryption (AES/RC4), payload staging, process injection, and sandbox evasion. Built as a red team loader to demonstrate and study EDR bypass techniques in controlled environments.
SUMCESA – Cyber Essentials Automation
Full-stack Python/Flask platform that automates UK Cyber Essentials self-assessment — inventories installed software, correlates versions against the NVD/CVE database, scores each finding with CVSS, and generates export-ready PDF compliance reports. Integrated Groq Llama API for AI-assisted risk narrative.
Windows Write Blocker
Forensic-grade GUI tool built with Python that applies Windows registry-level write protection to internal and external drives — preventing evidence tampering during DFIR acquisition. Features auto device detection, activity logging, and one-click CSV export for chain-of-custody documentation.
Lone Wolf DFIR Case
End-to-end forensic investigation of the Digital Corpora 2018 Lone Wolf scenario — hash-verified image acquisition, MFT and registry artifact analysis, email and browser forensics, full timeline reconstruction, and a legal-standard investigative report linking digital evidence to suspect activity.
Narcos DFIR Case
Collaborative advanced investigation on the 50 GB Digital Corpora 2019 Narcos dataset — multi-analyst evidence verification, deleted file carving, communication interception analysis, malware artifact correlation across disk and memory, and comprehensive case report with suspect attribution.
Mr. Evil Investigation
NIST CFREDS Mr. Evil forensic challenge — identified 6+ hacking tools on a Dell CPi notebook, reconstructed OS activity timeline, analysed IRC logs and email artifacts, extracted network traces from PCAP, and attributed suspect identity through digital evidence. Delivered legal-ready court report.
Secure Donation Portal
Security-first full-stack donation platform with JWT authentication, Google reCAPTCHA v3, role-based access control (donor/admin/manager), case management workflows, parameterised SQL queries preventing injection, and CSRF-protected API endpoints.