Open-source, full-stack AI-security engine that red-teams a deployed model and audits the infrastructure it runs on, then maps every finding across MITRE ATLAS, ATT&CK, and D3FEND into one traceable, grounded report. Python, built on the Anthropic API.
Diffusion-Prior Consistency: essentially, AI protecting AI vision models. A from-scratch defense that keeps object-detection systems from being fooled by adversarial patches. My cybersecurity capstone, with a full research paper.
LLM red-teaming: jailbreaks, direct and indirect prompt injection, system-prompt extraction, training-data and system-prompt leakage, refusal-robustness evaluation. Adversarial machine learning (adversarial-patch attacks and defenses), model evaluation and safety testing, knowledge-graph grounding and anti-hallucination.
PyTorch, diffusion models, object detection, NLP. Empirical evaluation and experiment management: deterministic seeding, ablations, bootstrap CIs, reproducible pipelines.
Penetration testing of infrastructure, web applications, and AI/ML systems, vulnerability research, version-aware CVE analysis, privilege-escalation enumeration, kill-chain construction, and digital forensics. Kali, Metasploit, Burp Suite, Wireshark, Nikto, nmap.
Threat modeling and threat mapping, D3FEND countermeasure design, detection and incident response, network security, firewalls and intrusion detection, access control, operating-system and enterprise hardening (Linux, kernel, containers), risk assessment, and tamper-evident evidence logging.
MITRE ATLAS, MITRE ATT&CK, MITRE D3FEND, NIST CSF, CWE, CVE, CISA KEV, NVD.
Applied cryptography, symmetric and asymmetric encryption, hashing and digital signatures, key exchange, PKI and TLS, post-quantum cryptography (lattice-based schemes and the NIST PQC standards), and hash-chained integrity.
Python (fluent), Bash, Java. Linux, Docker, systemd, networking, SQLite. Automated testing and CI, Git. Secure coding and software/application security.