Auditing kernels and inspecting memory β one syscall at a time.
Mostly learning by breaking things and figuring out why.
I'm a self-taught developer focused on system security and low-level behavior.
I didn't come from a formal background β most of what I know came from reading docs, breaking things in VMs, and trying to understand what the system was actually doing under the hood.
I work close to the system boundary β where abstractions stop helping and you have to deal with memory layout, process behavior, and real execution flow.
Instead of big frameworks, I prefer small, transparent tools written in C and Bash. Tools I can inspect fully and trust because I can see exactly what they do.
Projects like K-Scanner, LinSpec, S.I.R.E.N, and OpenSec come from that mindset β simple systems to observe, validate, and question how things behave in practice.
A few ideas guide most of what I do:
- Push systems until edge cases surface
- Keep things minimal and inspectable
- Focus on real behavior, not assumptions
Security isn't about running tools. It's about understanding what the machine is actually doing when things start to break.
| Project | Description | Stack |
|---|---|---|
| LinDash | Web dashboard for LinSpec scan reports with REST API and SQLite storage. | Python |
| SYSCAGE | Behavioral syscall profiler and seccomp policy generator for Linux process confinement. | C |
| SYNTROPY | Unified forensic triage suite (LinSpec + K-Scanner + S.I.R.E.N). | C, Bash |
| LinSpec | Kernel hardening audit tool focused on identifying real security gaps. | C |
| K-Scanner | RWX memory detection and live process analysis for Linux. | C |
| S.I.R.E.N | Audit-aware memory acquisition and forensic triage tool. | Bash |
| K-Verify | Purple Team adversarial validation and detection gap analysis for the SYNTROPY ecosystem. | C |
| PMV | OpenBSD mitigation auditor (W^X, ASLR, pledge, unveil). | C |
Languages: C11, Bash, Python
Systems: OpenBSD, Arch Linux
Editor: Neovim (AstroNvim)
Contributions welcome β especially if you care about simplicity and low-level correctness. Open an issue or pull request if you have ideas or improvements.