Skip to content
View K0NGR3SS's full-sized avatar
💭
Ehhhh...
💭
Ehhhh...
23 followers · 26 following

Highlights

  • Pro

Block or report K0NGR3SS

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
K0NGR3SS/README.md

Hi, I'm Nazar 👋

Cybersecurity Student · Security Engineering · Cloud Security · Security Analysis
Ukrainian · Building secure infrastructure at scale · Open-source security tools

   

Cybersecurity student at SETU Carlow focused on security engineering, cloud security, and blue teaming. I build open-source CLI/TUI security tools, solving CTF style challenges, and work on real-world AWS cloud infrastructure.

Recent highlight: Team Captain @ ZeroDays CTF 2026 · 5th/71 college teams · 18th/141 overall (Croke Park, Dublin)

🛡️ Technical Skills

Click a role below to expand tools, technologies, and key areas.

☁️  Cloud Security

Cloud Platforms

Infrastructure & Containers

Languages

Key Areas

  • AWS infrastructure security (VPC, IAM, S3, Lambda, CloudTrail)
  • GCP security configuration & hardening
  • Container security & orchestration hardening
  • Infrastructure as Code security scanning
  • Cloud-native CI/CD pipeline security
🛡️  Security Engineering

Languages

Operating Systems

Databases

Networking

Key Areas

  • Security tooling development (CLI & TUI)
  • System hardening & configuration
  • Security automation & scripting
  • Secure coding practices & code review
  • Network security & troubleshooting
🔍  SOC Analysis

SIEM & Monitoring

Network Analysis

Defence & Response

Scripting

Key Areas

  • Log analysis & correlation
  • Threat detection & incident triage
  • Network traffic analysis & packet inspection
  • Intrusion detection & prevention
  • Vulnerability assessment & reporting
  • Security event monitoring & dashboarding
🐛  Penetration Testing

Exploitation

Web Application Testing

Reconnaissance & Network

PWN & Binary Exploitation

Languages

Key Areas

  • Vulnerability analysis & exploit development
  • Web application security testing
  • WAF/CDN fingerprinting & bypass
  • Buffer overflow & ROP chain exploitation
  • Binary reverse engineering
  • CTF competitions & challenge solving
⚙️  DevSecOps & Automation

CI/CD & Pipeline Security

Containerisation & Orchestration

Infrastructure as Code

Web & Serverless

Key Areas

  • Secure CI/CD pipeline design & hardening
  • Container image scanning & runtime security
  • Infrastructure as Code security linting
  • Serverless architecture & deployment automation
  • Automated security testing integration
  • GitOps workflows & secrets management

🚀 Featured Projects

Project Description Stack
WAFPierce CLI & GUI WAF/CDN fingerprinting and bypass validation tool. Detects 17+ WAFs, 12+ CDNs, runs 35+ bypass techniques with baseline heuristics Python
GhostState TUI-based AWS security & governance tool that detects ghost resources (unused/shadow IT) and risk assets in real-time Go · AWS SDK v2
GhostWeights Hunts for unauthorised Shadow AI/ML workloads running in AWS environments Go · AWS SDK v2
Log_Analyzer Reads security logs to detect brute-force attempts, SQLmap scans, and attack patterns — outputs statistical reports and charts Python
TCP_Recon_Tool CLI recon tool: service enumeration, TLS inspection, web stack fingerprinting, machine-readable reports Python
Image-Detector-AWS Serverless image analysis system using AWS AI services (Lambda, S3, Rekognition, DynamoDB) AWS

📊 GitHub Stats

 

Pinned Loading

  1. GhostState GhostState Public

    GhostState is a TUI-based security and governance tool for AWS written in Go. It scans cloud infrastructure in real-time to identify "Ghost" resources (unused/shadow IT) and "Risk" assets (critical…

    Go 8 2

  2. WAFPierce WAFPierce Public

    CLI & GUI tool, it is WAF/CDN fingerprinting and bypass validation tool for pentesting across cloud providers. It detects 17+ WAFs and 12+ CDNs, runs 35+ bypass/evasion techniques with baseline heu…

    Python 6 1

  3. GhostWeights GhostWeights Public

    GhostWeights is a Go-based pentesting tool for AWS that detects unsanctioned AI workloads and risky AI service exposure

    Go 4

  4. TCP_Recon_Tool TCP_Recon_Tool Public

    Command-line Python reconnaissance tool recon.py that probes targets, enumerates services and HTTP apps, inspects TLS, fingerprints web stacks, and emits machine-readable reports.

    Python

  5. Log_Analyzer Log_Analyzer Public

    A Python tool that reads security logs line-by-line to detect brute-force login attempts, SQLmap-style SQL injection scans, and attack patterns by IP, time, frequency, generates statistical reports…

    Python

  6. Image-Detector-AWS Image-Detector-AWS Public

    Serverless image analysis system using AWS Lambda, S3, Rekognition, and DynamoDB. Automatically detects and labels objects in uploaded images.

    Python