Portfolio

Security tooling, systems programming, and the infrastructure that runs this site. The emphasis is on tools that produce useful artifacts, not screenshots of planned features.

• GeistScope active

  AI-native bug-bounty and red-team toolchain in Rust. A shared engagement workspace ties together recon, crawling, posture checks, request-corpus search/replay, fuzzing, reporting, a persistent security graph, and a scoped AI harness. The harness now exposes a profile-filtered tool catalog (`default`, `advanced`, `lab`) so agents see the right pack of endpoints without raw shell access or noisy one-off tools. Findings are standardized JSON records that flow into prioritization, graph queries, and report generation.

  rust security bug-bounty async tokio ratatui ai
• mg-server active

  This site. Personal portfolio and blog server built from scratch in Rust. Axum routing, Askama compile-time templates (broken template = build error, not runtime 500), flat-file Markdown blog with YAML frontmatter, security headers middleware, and a 60 req/min rate limiter. Deployed behind Caddy and Cloudflare Tunnel — no open inbound ports. Verified with gobuster, nmap, curl traversal payloads, and SSL Labs.

  rust axum web askama security
• mg-scan complete

  Async TCP port scanner with banner grabbing, randomised scan order, configurable delay and jitter for rate-based IDS evasion, and optional source port binding for firewall bypass testing. Concurrency managed with Tokio JoinSet — no semaphore allocations per task. Part of the GeistScope toolchain.

  rust networking security tokio port-scanning
• mg-fuzz complete

  Burp Intruder-equivalent HTTP fuzzer. Reads raw HTTP request templates with §marker§ injection positions. Four attack modes: sniper, battering-ram, pitchfork, cluster-bomb. Built-in payload sets for SQLi, XSS, SSTI, path traversal, SSRF, and more. Diffs each response against a baseline (status, body hash, length delta, timing anomaly) to surface interesting responses automatically.

  rust security fuzzing web-security bug-bounty
• mg-tui complete

  Ratatui terminal dashboard for the GeistScope toolchain. Five tabs: engagements, hosts, findings (with severity filter), fuzz results, and live audit log tail. Full mouse support — scroll, click tab bar, click links in the built-in terminal browser. The browser renders HTML to styled terminal spans with Unicode half-block image rendering and a navigation history stack. Refreshes from disk on a 2-second timer with no extra processes.

  rust ratatui tui security terminal