Software developer turned cloud security engineer, based in Nairobi. I design and harden secure AWS environments (least-privilege IAM, infrastructure-as-code, and automated guardrails), and because I came up through engineering, I fix problems in code instead of just flagging them. I also think like an attacker: I pentest the web and API surfaces I defend.
- [Your Degree], KCA University
- Trained across the full security lifecycle through AfricaHackon Academy
- Focus: AWS security · IAM · Terraform / IaC security · policy-as-code
- Offensive edge: web & API penetration testing (OWASP Top 10, Burp Suite)
- I document real cloud misconfigurations: the attack first, then the code that closes it
- Build secure by default: least-privilege IAM, hardened Terraform / CloudFormation, encryption everywhere, centralised logging baselines
- Automate the defense: IaC security scanning in CI/CD, policy-as-code, and auto-remediation with Python + Lambda
- Detect & respond: cloud logging, log analysis, and incident response (my blue-team foundation)
- Attack to validate: web & API pentesting to prove the hardening holds against real attack paths
| Project | What it covers |
|---|---|
| flaws.cloud: AWS Misconfiguration Walkthrough (Levels 1–6) | Exploited public S3 buckets, global AuthenticatedUsers ACLs, AWS keys in Git history, an unencrypted public EBS snapshot, IMDSv1 metadata SSRF, and read-only IAM enumeration → Lambda invocation; each finding paired with the AWS control that closes it |
| Reconnaissance & Subdomain Enumeration | Passive + active subdomain discovery (Subfinder, Dnsenum), deduplicated with Anew, liveness-checked with httpx, and WAF-fingerprinted with wafw00f; scripted end to end, narrowing dozens of hosts down to the live, in-scope attack surface |
| Wireless Network Auditing & Pentesting | Full WiFi attack chain in a virtualized 802.11 lab: monitor mode, rogue AP, deauth flood, WPA/TKIP handshake capture, and an aircrack-ng dictionary attack with rockyou |
| Windows Exploitation: Metasploit + ngrok | Exposed a Metasploit listener through an ngrok TCP tunnel, delivered a reverse_http Meterpreter payload to a Windows 10 VM, landed a live session, and ran post-exploitation enumeration (isolated lab only) |
| Financial-Sector Threat Model & Adversary Analysis | Direct & indirect targeting factors, supply-chain pivot paths, ranked adversary classes, and capability / timeframe assessment for a Kenyan asset-management firm |
| Student Records: PHP + MySQL CRUD App | Full create / read / update / delete over MySQL using PHP PDO with prepared statements, results rendered in a Bootstrap table |
Cloud & Infrastructure-as-Code
Scripting & Automation
Offensive (Web / API)
Network & Detection
Currently pursuing
- AWS Certified Cloud Practitioner → AWS Certified Security - Specialty
- HashiCorp Terraform Associate
- Burp Suite Certified Practitioner (BSCP)
- LinkedIn: elvis-mbugua
- Portfolio: 3lv15p4ck3t.netlify.app
- Email: [your professional email]


