- 🛡️ Cybersecurity & Cloud Security Analyst Enthusiast
- 🛠️ Hands-on experience with web pentesting, mobile APK analysis, API security, and Python/Bash scripting
- 🤖 Built an automated AI threat intelligence feed that delivers daily cybersecurity news via n8n
📍 Nairobi, Kenya
"Securing clouds because humans keep clicking suspicious links."
Conducted a comprehensive, full-stack security review targeting mobile applications (Beetlebug / VulnBank APK), web interfaces, and source code repositories — mapping directly to OWASP Top 10 and MASVS frameworks.
Key Achievements:
- Uncovered critical mobile vulnerabilities including hardcoded secrets, weak deep-link biometric authentication bypasses, insecure data storage, and binary patching flaws.
- Identified server-side issues such as SQL injection, broken business logic (negative balance manipulation), and exposed internal API endpoints.
- Authored professional, remediation-focused penetration testing reports documenting proofs-of-concept (PoCs).
Tools Used: JADX-GUI | MobSF | Burp Suite | FFUF | Dirbuster | Android Debug Bridge (ADB)
Designed and deployed a fully automated cybersecurity threat intelligence pipeline that delivers daily news and threat updates with zero manual intervention.
Key Achievements:
- Built end-to-end workflow automation using n8n to aggregate, filter, and distribute real-world threat intelligence.
- Integrated Flowise AI and LLMs to process and summarize cybersecurity content automatically.
- Demonstrated practical application of AI tooling to real-world security operations (SOC/threat intel) workflows.
Developed a modular Python automation script to streamline target domain intelligence gathering and asset discovery.
Key Achievements:
- Automated passive subdomain enumeration and live host validation.
- Implemented strict conditional error checking and robust log handling.
- Integrated the Telegram Bot API to securely dispatch instant alerting webhooks upon discovering new active hosts.
Tools & Tech: Python | Subfinder | HTTPX | REST APIs | CLI Parsing (argparse)
Designed an advanced, defensive Bash script engineered to safely process, sanitize, and encode text credentials.
Key Achievements:
- Built cross-platform compatibility featuring automatic native environment detection for Linux and macOS, with a dynamic fallback routine to Python's base64 libraries.
- Formulated interactive, failsafe file handling protocols to protect pre-existing host storage from accidental overwriting.
Tools & Tech: Bash (Shell Scripting) | Sed/Regex Data Trimming | Base64 Cryptographic Utilities
Engineered local and network-accessible infrastructure topologies focusing on access control and secure application delivery.
Key Achievements:
- Implemented and optimized high-performance Nginx web server environments.
- Standardized restrictive, multi-tiered permission matrices (Read-Only vs. Full Access) across public, confidential, and administrative storage directories.
Tools & Tech: Nginx | Linux Server Administration | Access Control Lists (ACLs) | Network Configuration
| Focus Areas | Tools & Technologies |
|---|---|
| Security Domains | Threat Intelligence, OSINT, Cyber Threat Analysis, Network Defense, Penetration Testing |
| Languages & Scripting | Python, Bash |
| Platforms & Infrastructure | Linux Administration, AWS Cloud Security |
| Security Tooling | Burp Suite, MobSF, JADX-GUI, ADB, FFUF, Subfinder, HTTPX |
- ☁️ Cloud Security — AWS security architectures & IAM hardening
- 🎯 Threat Hunting — Analyzing logs, detecting anomalies, and writing detection rules
- 🌐 Advanced Networking — Deep-dives into routing protocols and secure architecture
- 🤖 AI Automation — Leveraging n8n, Flowise AI, and LLMs for automated threat intel gathering and log analysis
- 🔭 Currently working on: Expanding my full-stack pen-testing portfolio and cloud security labs.
- 👯 Looking to collaborate on: Open-source security tools, automation scripts, and CTFs.
- 💬 Ask me about: Application security, cloud security, or why password managers are mandatory.
- 📫 Reach me at: alphageo98@gmail.com
