kspect
Linux kernel security auditing and drift detection in one static Go binary. 50 built-in checks, SARIF output for GitHub code scanning, baseline diffing for CI gates.
github.com/5h4rk-lab/kspectSecurity Engineer
I break applications, then build the tools that catch what broke.
Application and product security across web, APIs, source code, and CI/CD pipelines. I do offensive work — red team, penetration testing, bug bounty — and I ship open-source security tooling that turns those findings into repeatable checks. Based in Delaware, USA.
$ kspect scan FAIL HIGH KSPECT-SYSCTL-003 Unprivileged BPF disabled observed: sysctl kernel.unprivileged_bpf_disabled = "0" expected: sysctl kernel.unprivileged_bpf_disabled in {1, 2} fix: sysctl -w kernel.unprivileged_bpf_disabled=1 ... Summary: 50 checks — 18 fail, 21 pass, 11 unknown
Output from kspect, one of the open-source tools below.
Featured work
Linux kernel security auditing and drift detection in one static Go binary. 50 built-in checks, SARIF output for GitHub code scanning, baseline diffing for CI gates.
github.com/5h4rk-lab/kspectProof-based security testing framework for LLM apps and AI agents, covering the OWASP LLM Top 10. Detects prompt injection and data leakage with markers and canaries instead of guesswork.
github.com/5h4rk-lab/basilisk-llmCredentials
M.S. Cybersecurity, University of Delaware — GPA 3.96, May 2025