BSc (Hons) Cybersecurity — First-Class Predicted | Accelerated entry via APL Targeting Cloud Security Engineering and long-term Security Architecture / CISO track roles.
- About
- Highlights
- Projects
- Lab Environment
- Skills & Stack
- Experience
- Education & Certifications
- GitHub Stats
- What I'm Building Toward
Security engineer and full-stack developer finishing a first-class cybersecurity degree, admitted directly into second year via Accredited Prior Learning. I find critical vulnerabilities, build regulated financial platforms, automate cloud infrastructure, and document everything properly.
My work deliberately spans offensive security and cloud/infrastructure engineering — I think the strongest security engineers understand how systems break and build accordingly. Long-term I'm aiming for Cloud Security Engineering, then Security Architecture and CISO level.
| branchbreak | Automated LLM red-teaming platform — an attacker model that discovers jailbreaks via PAIR + TAP + Crescendo, maps findings to MITRE ATLAS, and gates CI/CD with query budgets, webhook alerting, and audit export. Runs offline or against Ollama / OpenAI / Anthropic |
| agent-airlock | Runtime security hook for AI coding agents (Claude Code) — tracks per-session taint and blocks the "lethal trifecta" exfiltration as it forms. Red-team demo + eval: 100% detection, 0% false positives on a 24-session corpus |
| fleetwatch | Governance control plane for a fleet of AI agents and MCP servers — registry, tool-schema drift (rug-pull) detection, policy-as-code, audit trail |
| mcp-sentinel | Live runtime proxy that scores MCP tools at connect time and blocks path traversal, SSRF, shell injection, and credential exfil in individual tool calls, in real time |
| Agent Privilege Mapper | Finds dangerous AI agent tool-capability combinations (the "lethal trifecta") in Claude/MCP configs, tests prompt-injection resistance against the real Claude API, maps findings to OWASP LLM Top 10 |
| CVE-2025-49132 | Discovered an undocumented client asset during a private pentest's subdomain enumeration and confirmed it vulnerable to this critical unauthenticated Pterodactyl Panel RCE (CVSS 9.8), verified with public exploit tooling |
| 269 | Previously undocumented API endpoints enumerated in a single authorised engagement |
| FCA DISP Platform | Production internship at Ideal4Finance — NestJS 11 + Next.js 16 regulated complaints platform |
| Cloud Native | Kubernetes, Terraform, OpenFaaS, Prometheus/Grafana — deployed on Minikube + K3s edge |
| AWS FinOps Pipeline | Live boto3 integration with AWS Pricing API — daily cron via GitHub Actions, credentials via Secrets |
| AWS CIS Auto-Remediation | EventBridge → Lambda engine auto-fixes CIS Benchmark findings every 6 hours — Terraform-deployed |
| IAM Attack-Path Mapper | Graphs AWS IAM privilege-escalation paths — ~12 known techniques, interactive attack graph, CIS/NIST-mapped findings |
| CloudTrail Privesc Detector | Watches live CloudTrail activity for the same techniques actually being used, plus credential-theft correlation — pairs with the IAM mapper above |
| decoygraph | Places decoy AWS resources directly on the IAM escalation paths an attacker is most likely to walk, then re-ranks and redeploys live via CloudTrail when one gets touched |
| BinaryHammer | Open-source C++ PE malware analysis tool — Zydis disassembly, entropy, YARA, threat scoring, onboarding UI |
| 30 Projects | Across AI agent/LLM security, offensive security, cloud, full-stack, infrastructure automation, and malware analysis |
The offensive counterpart to the fixed-battery tools in this profile: an attacker model that adapts. Where llm-redteam fires a static suite and the benchmarks run fixed scenarios, branchbreak runs a closed attacker–judge loop that discovers jailbreaks by iterative refinement, tree search, and multi-turn escalation — faithful, compact implementations of three published algorithms, built as an authorized safety-evaluation tool against benign refusal-boundary surrogates.
- PAIR, TAP (Tree of Attacks with Pruning), and Crescendo (genuinely multi-turn — the target keeps real conversation state across turns, unlike PAIR/TAP's fresh-attempt-per-iteration design) behind one CLI
- PyRIT-style prompt converters (base64/ROT13/leetspeak) test whether obfuscation evades a keyword guardrail; a JSON taxonomy loader makes "point it at a real harm taxonomy under an authorized engagement" an actual config change instead of a documentation claim, without shipping any harmful content in the repo
- Ground-truth success decided by an oracle, not the LLM judge — a gameable judge can only misrank the search, never fabricate a finding (asserted by a dedicated test)
- Every finding mapped to MITRE ATLAS, scored into a risk number, and turned into a CI/CD gate (non-zero exit) with a drop-in GitHub Actions workflow, a per-scan query budget cap, and Slack-compatible webhook alerting on a failed gate
- Self-contained HTML / JSON / Markdown reports + SQLite scan history with
trend(ASR over time) andexport(CSV audit evidence) CLI commands - Model-agnostic providers with retry/backoff on transient failures: offline mock (deterministic, for CI), Ollama, any OpenAI-compatible endpoint, and the Anthropic Messages API — standard library only, zero pip dependencies
- Committed research write-up reporting five independent real-model runs against llama3.2:3b as an aggregate rate rather than one cherry-picked sample — the honest finding is that TAP's pruning mechanism fires reliably every run even though which objective breaks is noisy at this budget
Python PAIR TAP Crescendo Jailbreak Research MITRE ATLAS LLM Red-Teaming Adversarial ML CI/CD Security
Repo: github.com/harryc295/branchbreak · Full write-up
A security control that runs inside the real product. Installs as a Claude Code PreToolUse hook and decides on every tool call, live, using session history — where agent-privilege-mapper finds the lethal trifecta in a config and agent-jail tests containment offline, this catches the trifecta forming during an actual session and blocks the exfiltration at the moment it is attempted.
- Per-session taint state machine: tracks when a session has read private data (secrets, credentials, SSH keys), ingested untrusted content (repo files, fetched pages), and then attempts egress to an unapproved host — the three legs of Simon Willison's lethal trifecta — and denies only when all three coincide
- Solves the problem stateless per-call filters can't: a delayed-exfil
curlthat looks routine on its own is blocked because the session state still carries the earlier secret read and repo ingestion (hooks are separate processes, so state is persisted bysession_id) - Unconditional hard blocks for
curl | bash, reverse shells, boot/login persistence writes, and secret literals (AWS keys, GitHub tokens, private-key blocks) in outbound requests - Red-team demo runs a poisoned repo through the real hook process end to end: the injected
curl -d @.envexfil is blocked, the same task done honestly runs clean - Empirical evaluation over a 24-session labeled corpus — 100% detection, 0% false positives — with a hard benign set (sessions that read a secret and untrusted content but never exfiltrate) to prove it isn't a naive two-of-three heuristic
- Standard library only, pure-function test suite, GitHub Actions CI running tests + eval + demo; built against the verified Claude Code hook contract (fail-open by default so a guardrail bug never bricks a session)
Python Claude Code Hooks Prompt Injection Taint Tracking Lethal Trifecta AI Agent Security
Repo: github.com/harryc295/agent-airlock
The governance layer the MCP/agent point tools elsewhere in this profile (mcp-sentinel, mcp-security-scanner, tool-poisoning-bench, agent-privilege-mapper) all stop short of: a registry of every agent, MCP server, and tool grant in an org, with continuous verification that approved servers still serve the tool schemas they were approved with. Point-in-time scanners audit once and runtime proxies see one session; this watches the whole fleet after approval — the exact window tool-poisoning-bench proved gets exploited.
- Drift detector re-fetches every approved server's tool schemas and diffs against the approval-time baseline — any change is flagged as a rug-pull candidate with a before/after diff, never auto-blocked
- Policy-as-code in version-controlled JSON: server allow/deny lists, denied tools, and lethal-trifecta detection evaluated across an agent's full grant set spanning multiple servers, not per-config
- Scored tool-call event ingestion (the kind mcp-sentinel emits) with policy-set alert thresholds
- Structured audit log of every registration, approval, drift detection, and alert — CSV/JSON export for SOC 2 / ISO 27001 evidence
- FastAPI + SQLite with a server-rendered dashboard, three pip dependencies, no Docker; runnable end-to-end rug-pull demo (
python demo/run_demo.py) that registers, approves, silently mutates a tool schema, and catches it - Pure-function test suite over the drift-diff and policy-evaluation logic — no DB or network needed to run it
Python FastAPI SQLite MCP Policy as Code AI Agent Security Governance
Repo: github.com/harryc295/fleetwatch
Live runtime proxy that sits between an MCP client and a real tool server: scores every tool at connect time and inspects individual tools/call payloads in real time, blocking path traversal, SSRF, shell injection, and credential exfiltration before they reach the downstream server. One of several MCP/agent-security tools in this profile.
- Built on the official Anthropic
mcpPython SDK, not a reimplementation of the protocol - Word-boundary regex rules (not naive substring matching) after a real false positive was caught and fixed during testing against the reference MCP server
- Nested dict/list argument scanning, not just top-level values
- Real in-memory protocol integration tests (18/18 passing) plus unit tests
- GitHub Actions CI, recordable demo showing 4 live attacks blocked and 1 normal call allowed
Python Anthropic MCP SDK Tool Poisoning SSRF AI Agent Security
Repo: github.com/harryc295/mcp-sentinel
Applies the same privilege-escalation-mapping approach used against AWS IAM elsewhere in this profile to AI agents instead: a static capability mapper that tags Claude/MCP tool configs and flags dangerous combinations, paired with a prompt-injection test harness that drives a real Claude tool-use conversation against adversarial payloads.
- Tags tools/MCP servers with capability flags (reads private data, exposed to untrusted content, can exfiltrate, can execute, persistent write) from real Claude tool-config shapes
- Detects the "lethal trifecta" (private data + untrusted content + exfil channel) — the most-cited real risk pattern in agentic AI security
- Prompt-injection harness: real two-turn Claude tool-use loop against three adversarial payload styles, with a pure, unit-testable verdict classifier
- Findings mapped to the OWASP Top 10 for LLM Applications
- Zero-setup offline demo for both tools; injection harness also runs live against the real Claude API with your own key
Python Claude API MCP Prompt Injection AI Agent Security OWASP LLM Top 10
Repo: github.com/harryc295/agent-privilege-mapper
Benchmarks RAG systems against indirect prompt injection via poisoned retrieval documents. Five scenario categories (instruction override, persona hijack, data exfiltration, tool-call manipulation, goal redirection), each with explicit / obfuscated / split-across-chunks payload variants, against Claude or an OpenAI-compatible model.
- Every scenario mapped to a MITRE ATLAS technique (AML.T0051/.001, AML.T0053, AML.T0054, AML.T0057)
- Structural, deterministic judging (oracle-string or tool-call domain checks), not an LLM judge
- Guard mode re-runs every scenario with a system-level instruction and reports the delta in success rate, including where the guard doesn't help
- Zero dependencies beyond the Anthropic and OpenAI SDKs, full pytest suite, typed Python, GitHub Actions CI
Python Claude API OpenAI SDK MITRE ATLAS RAG Security AI Agent Security
Repo: github.com/harryc295/rag-poison-bench
Tests whether an agent given a YAML-defined policy (allowed tools, filesystem sandbox, HTTP allowlist, subprocess flag) can be manipulated into exceeding it. Drives a real multi-turn tool-call loop against a fully simulated filesystem/HTTP/subprocess environment across five attack categories (direct override, social engineering via tool output, multi-turn escalation, authority spoofing, indirect injection via retrieved content).
- Three-way verdict per scenario (compliant / boundary-probing / containment-escaped) with a confidence score, plus an aggregate containment score
- Threat model and methodology reference AISI's published AgentHarm benchmark and control research agenda
- Nothing in the tool environment ever touches a real disk, network, or shell
- Full pytest suite, typed Python, GitHub Actions CI
Python YAML Claude API OpenAI SDK Agent Containment AI Agent Security
Repo: github.com/harryc295/agent-jail
Measures how often tool-using LLMs execute instructions hidden in a tool's description versus hidden in a tool's output, with a heuristic guard on and off. Eight hand-written scenarios (explicit / social-engineering / obfuscated variants), three trials each, tested against a real local model via Ollama.
- Real measured result, not a cherry-picked one: explicit override in a tool description succeeded 3/3 with the guard off and 0/3 with it on; social-engineering, obfuscated, and all tool-output-injection variants failed regardless of guard state
- Zero pip dependencies (stdlib
urllibfor the Ollama call) - Full written report with methodology and limitations in
results/
Python Ollama Prompt Injection LLM Benchmark AI Agent Security
Repo: github.com/harryc295/tool-poisoning-bench
Follow-up to tool-poisoning-bench: keeps the exact same target behaviour, toolset, and allowed domain, and tests whether it succeeds over a 7-9 turn conversation instead of a single poisoned message. Five strategies (gradual escalation, persona erosion, context window poisoning, authority accumulation, memory anchoring), no single turn in any of them containing an explicit override phrase.
- Comparison table against tool-poisoning-bench's published single-turn results, cited as a static reference rather than a live cross-repo dependency
- README documents pointing
--provider openaiat Ollama's OpenAI-compatible endpoint with the same model, to hold the model constant and isolate single-turn vs multi-turn as the only variable - Full pytest suite (23 tests, including a regression test for a real division-by-zero bug caught during development), typed Python, GitHub Actions CI
Python Claude API OpenAI SDK Multi-Turn Attacks AI Agent Security
Repo: github.com/harryc295/multi-turn-bench
A research implementation of a prompt injection detection and input sanitisation layer, the defensive counterpart to the benchmarking tools in this profile. Wraps any text an application is about to hand to a model (user input, tool output, or a retrieved document) and returns a risk score with a per-category breakdown, firewall.check(text, context=system_prompt).
- Six detection categories (instruction override, persona reassignment, system prompt leak, jailbreak patterns, indirect injection, obfuscation), each independently configurable to block, flag, or allow, plus an optional LLM-as-judge mode for the cases regex can't reach
- Real installable package (
pyproject.toml,pip install -e .), zero dependencies in heuristic mode - Genuinely measured benchmark against a hand-written corpus, not a cherry-picked one: 62% recall, 0% false positives, an 86%/0% split between explicit and subtly-phrased attacks that motivates the LLM-judge mode
- README compares honestly to Lakera Guard's actual public methodology (a proprietary ML classifier trained on 80M+ adversarial prompts, not a rules engine), grounded in real sourcing rather than assumption
- FastAPI middleware example, functionally tested end to end, not just import-checked
- Full pytest suite, typed Python, GitHub Actions CI
Python Claude API OpenAI SDK Prompt Injection Detection AI Agent Security
Repo: github.com/harryc295/llm-firewall
Scriptable adversarial test harness for LLM system prompts — fires prompt-injection, jailbreak, and system-prompt-leak attacks at a model and scores how many got through, against Claude or any OpenAI-compatible endpoint.
- Canary-token technique to detect exfiltration with no guesswork about what counts as "leaked"
- 5 attack categories: direct injection, roleplay jailbreak, system-prompt leak, indirect injection (smuggled in summarised content), base64 encoding obfuscation
- CI-gateable —
--fail-aboveexits non-zero if the risk score regresses on a system prompt change - Markdown report with pass/fail table, 0–100 risk score, and full prompt/response pairs
- Works against Claude (official SDK) or OpenAI-compatible endpoints, including local Ollama/vLLM
Python Claude API OpenAI SDK Prompt Injection Red Team AI Agent Security
Repo: github.com/harryc295/llm-redteam
Static heuristic auditor for MCP server definitions: flags tool-poisoning and prompt-injection phrases, the agent "lethal trifecta" (read + write + exec), tool-name shadowing, unpinned-package supply chain risk, and plaintext secrets, all before a server is ever connected to.
- Zero dependencies, stdlib only
- Word-boundary regex matching, sharing the same false-positive fix validated in mcp-sentinel
Python MCP Static Analysis Supply Chain Security AI Agent Security
Repo: github.com/harryc295/mcp-security-scanner
Companion to the IAM Privilege-Escalation Mapper: builds the same IAM escalation graph, but instead of just reporting the paths, it deploys decoy AWS resources directly onto the ones an attacker is most likely to walk, then re-ranks and redeploys live when one gets touched. Static attack-graph tools stop at reporting; static deception tools guess where to place decoys. This uses the graph to decide, with a Claude tool-calling agent doing the ranking.
- boto3 + networkx IAM graph, detecting 6 known privesc primitives (PassRole+Lambda/EC2, CreateAccessKey, self-privesc policy edits, multi-hop AssumeRole chains)
- Claude tool-calling agent ranks paths by attacker plausibility and generates decoy specs — name, type, lure content — for the top-ranked ones
- Deploys IAM role / S3 bucket / Secrets Manager decoys via boto3, name-prefixed and tagged so the responder Lambda's IAM policy stays scoped instead of needing
Resource: "*" - CloudTrail → EventBridge → Lambda loop: confirms a touched resource is a real decoy before acting, logs it, re-ranks, deploys the next decoy, alerts via SNS
- Terraform manages only the static control plane; decoys are deployed and torn down by the agent at runtime, never hand-authored infrastructure
Python boto3 networkx Claude API AWS IAM CloudTrail Deception Technology Cloud Security
Repo: github.com/harryc295/decoygraph
Self-hosted automation platform combining n8n with a local Llama 3.2 model via Ollama. Runs a daily security news digest pipeline — RSS to formatted HTML to Gmail — entirely locally. Also wires DevSecOps pipeline hooks and vulnerability triage workflows.
Docker Compose n8n Ollama Llama 3.2 Redis PostgreSQL Self-Hosted AI
Repo: github.com/harryc295/devsecops-n8n-workflow-platform
Black-box engagement covering a web application, subdomains, and four cloud-hosted targets. Found an undocumented host during subdomain enumeration and confirmed it exposed a critical unauthenticated RCE.
- Discovered an in-scope client asset not in the original target list and confirmed it vulnerable to CVE-2025-49132 — unauthenticated RCE in Pterodactyl Panel, CVSS 9.8 — using public exploit tooling
- Enumerated 269 undocumented API endpoints on port 8080 using ffuf
- Full OAuth2 security review: redirect_uri bypass, missing state parameter, absent PKCE
- Delivered 18-page executive and technical report with full remediation roadmap
Burp Suite Community Metasploit ffuf Nmap OAuth2
Core developer on an FCA-regulated financial complaints management platform built from scratch. Full architecture responsibility alongside security implementation and delivery pipeline.
- Monorepo NestJS 11 + Next.js 16 with PostgreSQL and Drizzle ORM
- 16 workflow stages, 32 state transitions across 6 RBAC roles
- SHA-256 evidence integrity hashing and immutable audit log
- Magic-link authentication, BullMQ cron scheduling, Docker Compose deployment
- CI pipeline with npm audit gate and security dependency scanning
NestJS 11 Next.js 16 PostgreSQL BullMQ Docker Drizzle ORM TypeScript
Finds AWS IAM privilege-escalation paths — permission chains that let a low-privileged principal reach AdministratorAccess in a few hops. Builds the IAM identity graph from a real account, walks it for known escalation techniques, and renders an interactive attack-path diagram with findings mapped to CIS/NIST controls.
- Detects ~12 known AWS privesc techniques (Rhino Security Labs research): self-privesc IAM actions,
PassRole+ Lambda/EC2, multi-hopAssumeRolechains, credential takeover - networkx graph traversal for the multi-hop AssumeRole-chain detection — the one check that needs more than a single policy read
- Self-contained interactive HTML report (pyvis) — no web framework, no database, no hosting required
- Every finding mapped to CIS AWS Foundations / NIST CSF controls
- Offline demo fixture and pytest suite, runs with zero AWS setup
Python boto3 networkx pyvis IAM AWS Privilege Escalation CIS Benchmark Cloud Security
Repo: github.com/harryc295/iam-privesc-mapper
Companion to the IAM Privilege-Escalation Mapper: instead of finding privilege-escalation paths that could be used, this watches real CloudTrail activity for the same techniques actually being used, plus a time-windowed correlation that only shows up once you're looking at an event timeline.
- 9 single-event detectors for dangerous IAM actions actually observed (Attach/Put policy, CreatePolicyVersion, UpdateAssumeRolePolicy, credential takeover)
- Role-passing and AssumeRole detectors that resolve to confirmed severity when cross-referenced against the IAM mapper's admin-equivalent findings
- One genuine multi-event correlation: an access key issued for someone, then used within minutes — classic credential-issuance-and-immediate-use
- Incident-response runbook per finding family: containment, investigation, notification, prevention
- Zero infrastructure to deploy — reads the account's existing 90-day CloudTrail history via
lookup_events, no S3 export or Athena needed
Python boto3 CloudTrail IAM Incident Response Detection Engineering
Repo: github.com/harryc295/cloudtrail-privesc-detector
Serverless auto-remediation engine that detects and fixes four high-priority CIS Benchmark findings every 6 hours — fully deployed on the AWS free tier via a single terraform apply.
- EventBridge cron → Lambda (Python 3.11) pipeline at 6-hour intervals
- Check 1: S3 account-level public access block enforcement
- Check 2: EC2 security groups — auto-revoke 0.0.0.0/0 ingress on ports 22, 3389, 1433, 3306
- Check 3: IAM users with active keys but no MFA → keys deactivated automatically
- Check 4: VPCs missing flow logs → flow log created and directed to CloudWatch
- DynamoDB audit trail per action, S3 compliance JSON report, SNS email/Slack alerts
Python Terraform AWS Lambda EventBridge DynamoDB S3 SNS IAM CIS Benchmark DevSecOps
Repo: github.com/harryc295/automated-aws-cis-compliance
Three-tier application deployed on Kubernetes with full observability, serverless compute, edge simulation, and zero-trust RBAC architecture.
- Kubernetes (Minikube) with Deployments, PVCs, Services, and Network Policies
- Zero-trust: RBAC + Network Policies enforcing least-privilege access between pods
- Prometheus + Grafana via Helm, OpenFaaS serverless functions, K3s edge simulation
Kubernetes Docker Terraform Prometheus Grafana OpenFaaS K3s Helm RBAC
Repo: github.com/harryc295/COM5408-cloud-project
End-to-end complaints management platform built for a regulated financial services client. Handles full case lifecycle — intake, triage, investigation, resolution, and audit — with strict access controls and compliance requirements baked into the architecture.
- Multi-role workflow engine with configurable escalation paths and SLA tracking
- Immutable audit log with cryptographic evidence integrity
- Secure document handling and case history across all resolution stages
TypeScript NestJS Next.js PostgreSQL Docker
(Repository private — commercial project)
Modular CLI platform for authorised web application security assessments — reconnaissance, content discovery, vulnerability checks, and opt-in injection-indicator scanning, built on a plugin architecture with an async scan engine.
- Hard authorisation gate: every scan needs
--i-have-authorizationplus an explicitallowed_hosts/CIDR allowlist enforced on every HTTP request, DNS query, and raw-socket probe - Recon, content discovery, vuln assessment, API/cloud checks across a documented plugin architecture; auto-integrates nuclei, katana, httpx, subfinder, dnsx, naabu, gau and waybackurls when installed
- Injection-indicator plugins (XSS, SQLi, SSTI, XXE, path traversal...) are detection/evidence-only and off by default
- JSON/Markdown/HTML reporting with CWE and OWASP mapping per finding
- Per-host rate limiting,
--dry-runplanning mode, append-only audit log - CI across Ubuntu/Windows/macOS plus a Docker build; ruff + mypy + pytest
Python Async Plugin Architecture SQLite/PostgreSQL nuclei OWASP Offensive Security
Repo: github.com/harryc295/websec-assess
Open-source C++ tool for static PE malware analysis — loads any Windows executable and surfaces disassembly, pseudo-code, imports/exports, hex view, strings, and a scored threat summary. Built to cut manual overhead so analysis time goes on decisions, not mechanics.
- x86/x64 disassembly via Zydis with annotated call targets and ~130 Win32 API tooltips
- Entropy-coloured sections table, W+X detection, packer signatures, IOC string scanning, scored threat overview
- Pseudo-C code lifter, call graph, YARA rule scanning, byte-pattern search, navigation history
- ImGui docking UI with 3-page onboarding wizard, custom app icon, and maximised-on-launch window
- JSON report export, per-function rename/bookmark/xref, layout versioning
C++20 CMake vcpkg ImGui Zydis YARA Reverse Engineering Static Analysis
Repo: github.com/harryc295/Binary-slammer
Two-domain Active Directory forest simulating an enterprise network with RBAC, cross-platform authentication, automated deployment, and validated security controls.
- Root domain bolton.local / child domain derby.bolton.local — demonstrating domains as security boundaries
- Windows Server 2022 DCs + Ubuntu Desktop joined via realmd/SSSD with full Kerberos authentication
- Fine-Grained Password Policies, RBAC security groups, GPOs with documented risk rationale
- PowerShell DSC automated deployment + 12 Pester validation tests
Active Directory PowerShell DSC Kerberos SSSD Group Policy RBAC Pester
Repo: github.com/harryc295/BarmBuzz
Four-tool CLI security toolkit built across a five-week assessed penetration testing module. Fully headless and automatable via argparse.
| Tool | Script | Purpose |
|---|---|---|
| Evidence Collector | log_parser.py | Parses auth.log for failed SSH/login attempts, outputs CSV |
| Network Cartographer | scan.py | Multi-threaded TCP port scanner with banner grabbing |
| Access Validator | brute.py | Targeted SSH/FTP credential tester with mandatory delay |
| Web Enumerator | web_enum.py | HTTP recon, header analysis, path enumeration, comment scraping |
Python argparse Sockets Paramiko Requests Offensive Security
Repo: github.com/harryc295/COM5413_Security_Portfolio
Python CLI wrapping the Nessus REST API — automates scan launches, parses results, extracts critical findings, sends Slack webhook alerts, and generates CSV compliance reports.
Python Nessus API REST Slack API CSV DevSecOps
Repo: github.com/harryc295/nessuspipeline
Threat intelligence aggregator pulling from VirusTotal, Shodan, and AbuseIPDB. Enriches IOCs — IPs, domains, file hashes — with reputation scores, geolocation, and WHOIS data. Outputs structured JSON and a live HTML dashboard for incident response triage.
Python VirusTotal API Shodan AbuseIPDB OSINT IOC Enrichment Incident Response
Repo: github.com/harryc295/threat-intel-aggregator
Two-phase FinOps automation project — started with a static proof of concept, evolved into a fully live AWS API integration.
- Phase 1 (static): GitOps pipeline, scheduled GitHub Actions cron, YAML-driven config, CSV ETL output
- Phase 2 (live): boto3 against the AWS Pricing API, IAM scoped to least-privilege, runs daily at 09:00 UTC
Python boto3 AWS Pricing API GitHub Actions IAM GitHub Secrets FinOps ETL
Secure offline password manager using AES-256-GCM and PBKDF2-HMAC-SHA256. Full-screen UI, multi-vault support, auto-lock, PrintScreen blocking, secure clipboard clearing, password generation, and organised login/card/note management.
Python AES-256-GCM PBKDF2 Cryptography SQLite Zero-Knowledge
Repo: github.com/harryc295/Python-Vault (private)
"Analyse to action" — a clarity method productivity app built in TypeScript. Designed to help turn messy thinking into structured action.
TypeScript
Repo: github.com/harryc295/untangle (private)
Personal cyber range running on VirtualBox — used daily for AD deployment, malware analysis, purple team exercises, and validating attack chains against real defensive controls.
| Machine | OS | Role |
|---|---|---|
| DC-Bolton | Windows Server 2022 | Root domain controller |
| DC-Derby | Windows Server 2022 | Child domain controller |
| WinClient | Windows 11 Pro | Domain-joined workstation |
| LinuxClient | Ubuntu Desktop | Cross-platform auth via SSSD/Kerberos |
| Attack Box | Kali Linux | Penetration testing / red team |
| Analysis VM | Fedora | Isolated malware analysis |
Full-Stack Developer — Ideal4Finance (2026 — Present · Internship) Building an FCA DISP-aligned financial complaints platform from the ground up. Core contributor responsible for architecture, security implementation, and CI pipeline. NestJS 11 + Next.js 16 + PostgreSQL + Docker.
Penetration Tester — Authorised Client Engagement (June 2026) Full-scope black-box test across web, subdomains, and four cloud-hosted targets. Discovered an undocumented client asset during recon and confirmed it vulnerable to CVE-2025-49132 (Critical CVSS 9.8) using public exploit tooling; enumerated 269 undocumented endpoints; full OAuth2 audit. Delivered 18-page executive and technical report with remediation roadmap.
Kitchen Porter / Bar Back — Lytham House (2021 — 2024) Three years in a high-pressure hospitality environment. Teamwork, reliability, and communication under pressure.
BSc (Hons) Cybersecurity — First-Class Predicted University of Greater Manchester · 2025–Present · Accelerated entry via Accreditation of Prior Learning
Foundation Degree in Cybersecurity University of Greater Manchester · 2024–2025
A Levels — Law, Geography, Sociology · Cardinal Newman College · 2022–2024
GCSEs — AKS Lytham (Independent)
Certifications & Training
Near-term I'm targeting Cloud Security Engineering roles — the technical depth is there across AWS, Kubernetes, Terraform, and DevSecOps automation. Long-term the goal is Security Architecture and CISO level, so I'm building strategic thinking and governance understanding alongside the hands-on work.
Currently working on: finishing the degree (first-class), continuing to expand BinaryHammer's feature set, extending the AWS price tracker toward Cost Explorer and Slack alerting, and working toward AZ-900 / SC-900 as the next credential milestones.
Open to graduate roles, placements, and mentorship — linkedin.com/in/harrycorcoran-cybersecurity or corcoranharry2@gmail.com.