~/projects // classified build log

projects.vault

Six builds, six corners of the field. Where attackers think, where plant floors hold the line, where fakes get caught, where raw intel gets read. Crack the lock to declassify the full write-ups, or skip ahead if you are just scouting.

/root/projects/
ENCRYPTED
01

UniSOC

ICS/OT · SOC

Most security tools are built for IT networks and have no idea what a PLC or a Modbus packet looks like. UniSOC is a Security Operations Center platform designed specifically for industrial environments. It discovers and classifies assets across both IT and OT networks from live traffic or PCAP uploads, grabs firmware banners from PLCs and HMIs, checks them against known CVEs, and correlates logs into multi-stage attack chains mapped to MITRE ATT&CK for ICS. The goal is simple: give a defender one dashboard that shows exactly how an intrusion could cross from corporate IT onto the plant floor.

02

TIEF

threat intel · published

Threat Intelligence Extraction Framework. Most threat intelligence still lives buried inside PDF reports — analyst write-ups about APT campaigns with IOCs scattered across paragraphs. TIEF automates that extraction. You feed it unstructured threat reports, and it pulls out indicators of compromise, classifies tactics and techniques across 560 MITRE ATT&CK sub-techniques using a fine-tuned DistilBERT model, and packages everything into machine-readable STIX 2.1 bundles a SOC can actually ingest and query. The model hits 93.3% macro F1 across enterprise, ICS, and mobile ATT&CK domains.

03

HackTheWay

CTF · bug bounty

A cybersecurity training and competition platform where users practice hands-on challenges across web exploitation, cryptography, steganography, digital forensics, and reverse engineering. But it is not just a practice lab — organizations can host their own CTF competitions and bug bounty programs on it, complete with custom event pages, leaderboards, report evaluation workflows, and role-based access for admins, evaluators, and participants. Think of it as a self-hosted training ground with built-in event management for companies looking to run their own security challenges or discover talent.

04

TrustTrace

$17,000 grant deepfake detection

A multi-modal detection platform that analyzes images, videos, audio, and text to determine whether content has been manipulated or AI-generated. You submit suspicious content — a potentially deepfaked video, a synthetic audio clip, a questionable news article — and get back a detailed authenticity report explaining what was detected and why. Built on research backed by a $17,000 grant and multiple publications, TrustTrace brings that work into a production platform with end-to-end encryption and tamper-proof audit logs.

05

PixelTrace

digital forensics · published

A forensic investigation tool that detects whether an image has been tampered with. It uses Error Level Analysis — comparing compression levels across different regions of an image to spot inconsistencies that indicate manipulation. When part of an image has been spliced, cloned, or retouched, it compresses differently than the surrounding pixels. PixelTrace highlights exactly where that happened, outputting a marked-up image and a heatmap showing tampering intensity. Built as an open-source CLI tool for use in digital forensics, journalism, and social media verification.

06

Hotel Queens Gambit

management system

A command-line hotel management system that handles the day-to-day operations of running a hotel — creating and managing rooms, guest bookings, check-in and check-out, billing, inventory tracking, and restaurant operations. Built as a straightforward CLI application where the database does the heavy lifting and the interface stays out of the way.

$ looking for publications and patents? cd ~/research →