I build tools at the intersection of AI and security — LLM pipelines that defend against prompt injection, passive recon engines, CVE triage systems, and entropy-based secrets scanners built to ship in production.
I also write deep technical posts on LinkedIn: LLM infrastructure (KV Cache, Ring Attention, Quantization), distributed systems, and AI security (RAG prompt injection, vector search internals).
Currently writing two books:
- ML Math: Zero to Hero — 20-chapter interactive course covering ML mathematics from first principles. Scalars to diffusion models.
- Claude Code: The Complete Guide — 17-chapter guide to mastering Claude Code professionally. Plan Mode through Agent Teams and cost optimization.
| Project | What it does |
|---|---|
| llmguard-cli | Real-time prompt injection + jailbreak detector. Multi-layer: 20+ heuristic signatures + LLM meta-reasoning. HTTP API included. |
| gitleaks-ai | AI-enhanced secrets scanner. Shannon entropy analysis + LLM false-positive elimination. ~73% fewer false positives vs regex-only. |
| shadowmap | Passive attack surface mapper. Zero active scanning — cert transparency logs, DNS enumeration, AI risk analysis. |
| cvewatch | CVE monitoring daemon. Polls NVD API 2.0, filters by your stack using AI relevance scoring, delivers Slack/Discord alerts. |
| yaraforge | AI-powered YARA rule forge. Generates, validates, and deploys rules to Elastic, Splunk, and standalone YARA from one CLI. |
| ai-siem-triage | SOC alert triage assistant. Classifies SIEM events, prioritizes by severity, recommends response actions. |
Tools for analysts, researchers, and defenders.
| Tool | What it does |
|---|---|
| ai-cve-analyzer | CVE risk assessment with NVD data — attack scenarios, patch urgency, remediation guidance |
| ai-threat-intel | Raw intel reports → TTPs, IOCs, MITRE ATT&CK mappings |
| ai-phishing-detector | URL and email phishing analysis with heuristic + LLM reasoning |
| ai-malware-explainer | Sandbox reports → MITRE ATT&CK behavior mapping |
| ai-pentest-report | Raw pentest findings → professional client-ready reports |
| ai-packet-analyzer | pcap / tcpdump → C2, exfiltration, and lateral movement detection |
| ai-secrets-scanner | Detects hardcoded API keys, credentials, and sensitive data in source code |
| ai-log-analyzer | Log file analysis — error pattern detection, anomaly identification, root cause hints |
| Tool | What it does |
|---|---|
| ai-code-reviewer | Automated code review — bugs, performance issues, style suggestions |
| ai-test-gen | Generates unit tests for any code file |
| ai-commit-gen | AI-powered Git commit messages from staged changes |
| ai-doc-gen | Generates documentation from code files |
| ai-sql-gen | Natural language → SQL queries |
| ai-shell-assistant | Shell script help, debugging, and command explanation |
| ai-terminal-assistant | Terminal assistant for debugging and command lookup |
| ai-regex-explainer | Explains any regular expression in plain English |
| ai-readme-optimizer | Improves README clarity, completeness, and structure |
| ai-api-mock | AI-powered mock API response generator for testing |
| Project | What it does |
|---|---|
| rust-grep-tool | Fast CLI file search built in Rust — ripgrep-style pattern matching |
| rust-config-transformer | Convert config files between JSON, YAML, and TOML formats |
| rust-sys-monitor | Real-time system resource monitor — CPU, memory, disk in the terminal |
| Project | What it does |
|---|---|
| spring-api-scanner | AI-powered REST API security scanner — analyzes OpenAPI 3.x specs for OWASP API Top 10 vulnerabilities |
| spring-jwt-auth | Production-ready JWT auth microservice — refresh token rotation, RBAC, Spring Boot 3.2 |
| Project | What it does |
|---|---|
| macro-crypto-correlator | Global macro indicators vs stablecoin liquidity and crypto volatility |
| stable-depeg-predictor | AI early-warning system for stablecoin de-pegging events |
| yield-alpha-optimizer | AI-driven yield optimization for DeFi using on-chain data and ML forecasting |
| nano-mind-reader | Mechanistic interpretability on a tiny GPT — visualizing internal thought patterns |
| Image-Classifier | Transfer learning image classifier with TensorFlow/Keras for multi-class recognition |
| Project | What it does |
|---|---|
| devdash | Developer portfolio template — glassmorphic design, dark theme, built with TypeScript |
| snippet-vault | Local-first code snippet manager with tagging and full-text search |
| workshop--exploring-assemblyscript-contracts | Hands-on workshop: building smart contracts for NEAR Protocol with AssemblyScript |
Technical deep-dives published on LinkedIn — systems design and LLM infrastructure explained from first principles.
| Post | Topic |
|---|---|
| Ring Attention: How 1M-Token Contexts Work | Distributed Systems |
| LLM Quantization: From 4 A100s to 1 GPU | LLM Inference |
| KV Cache From First Principles | LLM Infrastructure |
| Zero-Click Prompt Injection in RAG Agents | AI Security |
| Speculative Decoding: The Serialization Problem | LLM Inference |
| Vector Search From First Principles | RAG |
| How Kafka Actually Works | Distributed Systems |
| LangChain From First Principles | AI Engineering |
| All Authentication Methods Explained | Security |
| Karpathy's autoresearch: 47 Experiments While He Slept | ML Research |
The best security tool is the one that fits your workflow.