LLMs that browse the web, write code, and call APIs are a fundamentally different threat surface than chatbots. This post breaks down the attack classes unique to agentic systems and what defenders actually need to think about.
A practitioner's guide to the major cybersecurity frameworks governing financial institutions - DORA in the EU, the FFIEC guidelines in the US, and the SWIFT Customer Security Programme worldwide.
A practitioner's breakdown of PCI DSS v4.0 - its twelve requirements, the 2025 deadline for future-dated controls, and where organisations most commonly fall short.
Lightweight EDR agent for Windows written in C++17. Performs real-time process monitoring via the Toolhelp32 API (500 ms snapshots), extracts executable paths and PPID metadata, and applies path-based heuristics to detect masqueraded system binaries - e.g. svchost.exe or lsass.exe spawned outside System32. Suspicious processes are automatically terminated and all security events are written to a structured incident log with INFO / WARN / CRITICAL severity levels.
Full hardware security audit of the TP-Link TL-WR841N consumer router. Root shell obtained via UART (FT232 adapter, 115200 baud), WPA2 passphrases recovered from RAM-disk files, MTD flash partitions dumped via /dev/mtdblock, and active listeners decoded from /proc/net/tcp hex descriptors. Reference for embedded Linux attack surface analysis on MIPS/BusyBox IoT devices.
# get in touch
Open to freelance engagements, penetration testing, infrastructure reviews, and consulting.
