Skip to content
View stacknil's full-sized avatar
👾
Focusing from home
👾
Focusing from home
7 followers · 29 following

Achievements

Achievement: YOLOAchievement: Pull Sharkx2Achievement: Quickdraw

Achievements

Achievement: YOLOAchievement: Pull Sharkx2Achievement: Quickdraw

Block or report stacknil

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
stacknil/README.md

stacknil

Security-minded systems builder working on telemetry, monitoring, defensive tooling, automation, and constrained AI-assisted workflows.

What I do

I build small, practical projects that sit between systems, security, and operational data.

My current direction is shaped around:

  • Linux, networking, and core systems understanding
  • detection-oriented security engineering
  • telemetry, monitoring, and signal processing
  • public-safe technical writing and sanitized security notes
  • AI-assisted workflows with explicit human verification, scope boundaries, and no autonomous response claims

Selected Work

LogLens

C++20 defensive log analysis CLI for Linux authentication logs.

  • parses both legacy syslog and journalctl --output=short-full style input
  • normalizes authentication evidence before detection
  • applies configurable rule-based detections
  • emits deterministic Markdown and JSON reports
  • includes CI, CodeQL, and repository hardening

telemetry-lab

A four-demo public repository for deterministic, reviewable, local file-based telemetry and detection workflows.

  • telemetry-window-demo: sliding-window telemetry analytics and rule-based alerts
  • ai-assisted-detection-demo: deterministic detection and grouping with constrained LLM summarization
  • rule-evaluation-and-dedup-demo: before/after dedup, cooldown behavior, and suppression reasons
  • config-change-investigation-demo: risky config changes with bounded evidence correlation
  • latest milestone: v0.6.0
  • reviewer packs: ai-assisted-detection-demo and config-change-investigation-demo

sec-writeups-public

Public, sanitized security write-ups from authorized labs and training platforms.

  • focused on methodology, reasoning, and reusable patterns
  • designed for safe publication instead of copy-paste exploitation
  • organized as a maintainable public knowledge base
  • includes publication boundaries and sanitization rules

Current Focus

  • building finished defensive / telemetry-oriented tools
  • strengthening Linux and networking depth
  • improving public project presentation and documentation quality
  • preparing an English-first technical portfolio for international applications

Working Style

  • clear scope over inflated claims
  • reproducibility over demos that only work once
  • defensive and public-safe by default
  • documentation, testing, and repository hygiene matter

Notes

Most repositories here are learning-driven engineering artifacts: small enough to finish, structured enough to review, and honest about their boundaries.

Contact

Pinned Loading

  1. LogLens LogLens Public

    C++20 defensive log analysis CLI for Linux auth logs, with parser coverage telemetry, configurable detections, CI, and CodeQL.

    C++

  2. telemetry-lab telemetry-lab Public

    Small prototypes for telemetry analytics, monitoring, and detection-oriented signal processing.

    Python

  3. sec-writeups-public sec-writeups-public Public

    Public, sanitized security write-ups from authorized labs, focused on methodology, reusable patterns, and safe publishing.

    Python

  4. systems-foundations systems-foundations Public

  5. security-labs security-labs Public

  6. scientific-computing-toolkit scientific-computing-toolkit Public