{» portfolio «}
Code & Projects QA tools, automation scripts, pentest lab documentation and technical projects. View on GitHub →
Cheatsheets & Write-ups A growing knowledge base with pentesting cheatsheets, CTF write-ups and security references — built for practitioners. Open the knowledge base →
Security Projects
Hands-on security projects developed in controlled lab environments. Each project follows professional methodology with full documentation.
Web Pentesting & Network Pivoting
Full attack simulation against a segmented corporate infrastructure. Covers reconnaissance, OWASP Top 10 exploitation, lateral movement through pivoting and professional remediation report.
Methodology: OWASP Top 10 2021 · Multi-phase attack · Documented evidence
Tools: Kali Linux · Burp Suite · Metasploit · Chisel · ProxyChains · Nmap
[View on GitHub →]
DORK GEN — Google Dorks Generator & OSINT Tool
Web-based OSINT tool for generating advanced search engine queries without memorising complex syntax. Supports Google, Bing, DuckDuckGo, Yandex, Baidu and Shodan. Includes predefined dork categories (sensitive files, admin panels, IoT cameras, databases, debug errors) and a custom query builder.
Built for: OSINT researchers, pentesters and security analysts
Stack: HTML · CSS · JavaScript
Live tool: [dorkgen.com →]
⚠️ Designed exclusively for ethical use in authorized security research.
GRC Compliance Toolkit
Web-based self-assessment tool for cybersecurity compliance. Evaluates organisations against ENS (Spain’s National Security Framework), ISO 27001:2022 and NIS2 Directive with cross-framework gap analysis.
Built for: Security teams, consultants and SMEs needing compliance visibility
Stack: HTML · CSS · JavaScript
[View on GitHub →]
AI Red Team — Security Testing for LLMs
Research and lab writeups on AI security testing: prompt injection, jailbreaking, data poisoning, model extraction and adversarial examples. Includes practical labs from PortSwigger and custom experiments.
Relevant for: Companies deploying LLMs who need adversarial security review
Stack: Python · Jupyter · PortSwigger Labs
[View on GitHub →]
Malware Analysis Assistant
AI-powered malware analysis assistant using Retrieval-Augmented Generation (RAG). Combines cybersecurity knowledge with LLM capabilities for automated threat analysis.
Stack: Python · RAG · OpenAI API
[View on GitHub →]
QA Projects
Quality assurance projects covering the full testing cycle: test design, execution, bug reporting and automation.
Full QA Cycle — Buggy Cars Rating
Complete testing engagement: user stories, test case design, manual and exploratory testing, automated tests and formal bug report. Documented in Jira and TestRail.
Deliverables: Test cases (Excel + Jira) · Bug report PDF · Automated scripts
Tools: Selenium · Cypress · TestRail · Jira · Python
[View on GitHub →]
API Testing — Buggy Cars
Automated Postman test suite validating HTTP responses, response times and data integrity. All test results documented with pass/fail analysis.
Tools: Postman · REST API
[View on GitHub →]
Automated E2E Testing — Zero Bank
End-to-end test suite for critical banking flows: authentication, navigation, transaction execution and balance verification.
Tools: Cypress · JavaScript · Node.js
[View on GitHub →]
Data Quality Testing — Retail Sales Pipeline
Manual testing of a retail data pipeline: validation rules, test case design, bug reporting and regression testing on CSV dataset with intentional data quality issues.
Tools: Manual testing · Excel · Data validation
[View on GitHub →]
{*}
<contact_me>
…lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis.