I’m a Cyber Security Professional with a background in IT infrastructure and cloud services, now focused on offensive security research, reverse engineering, and building tools that make analysis faster and more accessible.

Security Research

In 2024, I responsibly disclosed CVE-2024-20295, a CLI command injection vulnerability in Cisco IMC that allowed read-only users to escalate to root. The discovery came from hands-on firmware analysis of my own home lab hardware — extracting filesystems with Binwalk, exploring embedded Linux internals, and finding a gap that affected B-Series, C-Series, and S-Series UCS servers. You can read the full disclosure write-up here.

Arkana

I’m the creator of Arkana (formerly PeMCP), an open-source AI-powered malware analysis platform with 289 specialised tools behind a single MCP interface. It handles PE, ELF, Mach-O, .NET, Go, Rust, VB6, and shellcode — with auto-enrichment, symbolic execution, interactive debugging, and a live web dashboard.

I use it daily for real-world malware analysis and have published 14 detailed analysis reports covering families like AsyncRAT, LockBit, StealC, Brute Ratel, and Elysium RAT.

Certifications

• GIAC Security Essentials (GSEC) — 93% — covers defence in depth, access control, cryptography, and network security
• GIAC Foundational Cybersecurity Technologies (GFACT) — foundational cyber concepts, networking, and Linux
• Selected for the Upskill in Cyber programme

Get in Touch

I’m always interested in collaborating on security research, open-source tooling, or interesting reverse engineering challenges. Feel free to reach out.

GitHub · LinkedIn · X / Twitter