My Work
portscout
Lightweight port scanner with service fingerprinting and banner grabbing. Designed for internal network audits — faster than nmap for large /16 ranges with custom rate limiting.
- Go
- Networking
- CLI
tls-inspect
TLS handshake analyzer that extracts cipher suites, certificate chains, and HSTS headers. Useful for auditing web services before pen-test engagements. Outputs clean JSON or human-readable reports.
- Python
- TLS/SSL
- Security Audit
hardened-baseline
Opinionated hardening scripts for Debian/Ubuntu servers. Implements CIS benchmark level 2 with sane defaults for cloud VMs. Used internally before open-sourcing.
- Bash
- Python
- Linux
- CIS Benchmark
Previously worked with
About Me
I'm a security engineer with 8+ years of experience in network infrastructure, penetration testing, and building internal tooling for security teams. My day-to-day involves threat modeling, red-team exercises, and reviewing systems before they become incidents. Previously at Cloudflare and Wargaming, and a couple of startups that no longer exist.
Outside of work I contribute to open-source security tooling, write occasional posts about things I find interesting, and spend too much time tuning Linux systems.
My Resume
