shadowmap
Passive attack surface mapper using certificate transparency, DNS enumeration, and AI-powered risk analysis. No active scanning — full recon from public data only.
View on GitHub →
I'm an engineer and researcher specializing in Artificial Intelligence, Cybersecurity, and Backend Engineering. I build intelligent systems that solve complex problems, from autonomous threat detection to automated penetration testing.
My open-source work primarily centers around building robust AI tools in Python that augment the capabilities of SOC analysts and security researchers. I believe in bridging the gap between cutting-edge LLMs and practical security applications.
Developing a framework for using large language models to parse, correlate, and prioritize CVE feeds and threat reports, delivering structured alerts to SOC teams in real time.
A Python-based pipeline that chains Nmap, Metasploit, and GPT-4 to autonomously enumerate, exploit, and report vulnerabilities in sandboxed environments — reducing manual effort by ~70%.
Designed a Kafka-backed microservice mesh capable of processing 2M+ events/sec with sub-10ms p99 latency, deployed on Kubernetes with auto-scaling policies.
Passive attack surface mapper using certificate transparency, DNS enumeration, and AI-powered risk analysis. No active scanning — full recon from public data only.
View on GitHub →
Real-time prompt injection and jailbreak detector for LLM pipelines. Multi-layer defense: heuristics + AI meta-reasoning. Includes an HTTP API for easy integration.
View on GitHub →
AI-powered SIEM alert triage assistant for SOC analysts — classifies alerts by severity, prioritizes response queue, and recommends remediation actions in plain language.
View on GitHub →
A fast, minimal CLI file search tool written in Rust. Built to explore Rust's ownership model, iterators, and performance characteristics on real-world file I/O.
View on GitHub →
AI-enhanced secrets scanner combining Shannon entropy analysis with LLM-powered false-positive elimination. Drop-in upgrade to gitleaks with smarter detection and fewer noise alerts.
View on GitHub →
AI-powered REST API security scanner that analyzes OpenAPI 3.x specs for OWASP API Top 10 vulnerabilities — injection flaws, auth gaps, excessive data exposure, and more.
View on GitHub →
Long-form technical writing — interactive courses and deep-dive guides built with the same care I put into code.
Interactive web course covering the complete mathematical foundations of modern machine learning — from scalars to diffusion models. Explained from first principles, built for anyone with high-school math. Includes interactive sliders, worked examples, quizzes, and ML engineer notes connecting theory to practice.
A comprehensive guide to mastering Claude Code — Anthropic's agentic coding tool. Covers everything from Plan Mode and Fast Mode to advanced topics like custom Skills, Agent Teams, SubagentStop hooks, FastMCP, and cost optimization. Written for engineers who want to use Claude Code at a professional level.
Technical deep-dives published on LinkedIn — systems design, LLM infrastructure, and AI security explained from first principles.
Thoughts on AI, security engineering, and building in public.
I'm always open to discussing new ideas, research collaborations, or interesting projects. Reach out through any of the channels below.