Software developer turned cloud security engineer, based in Nairobi 🇰🇪. I design and harden secure AWS environments — least-privilege IAM, infrastructure-as-code, and automated guardrails — and because I came up through engineering, I fix problems in code instead of just flagging them. I also think like an attacker: I pentest the web and API surfaces I defend.
- 🎓 [Your Degree], KCA University
- 🛡️ Trained across the full security lifecycle through AfricaHackon Academy
- 🔭 Focus: AWS security · IAM · Terraform / IaC security · policy-as-code
- ⚔️ Offensive edge: web & API penetration testing (OWASP Top 10, Burp Suite)
- ✍️ I document real cloud misconfigurations — the attack first, then the code that closes it

- Build secure by default — least-privilege IAM, hardened Terraform / CloudFormation, encryption everywhere, centralised logging baselines
- Automate the defense — IaC security scanning in CI/CD, policy-as-code, and auto-remediation with Python + Lambda
- Detect & respond — cloud logging, log analysis, and incident response (my blue-team foundation)
- Attack to validate — web & API pentesting to prove the hardening holds against real attack paths

| Project | What it covers |
|---|---|
| ☁️ flaws.cloud — AWS Misconfiguration Walkthrough (Levels 1–6) | Exploited public S3 buckets, global AuthenticatedUsers ACLs, AWS keys in Git history, an unencrypted public EBS snapshot, IMDSv1 metadata SSRF, and read-only IAM enumeration → Lambda invocation — each finding paired with the AWS control that closes it |
| ⚔️ Reconnaissance & Subdomain Enumeration | Passive + active subdomain discovery (Subfinder, Dnsenum), deduplicated with Anew, liveness-checked with httpx, and WAF-fingerprinted with wafw00f — scripted end to end, narrowing dozens of hosts down to the live, in-scope attack surface |
| ⚔️ Wireless Network Auditing & Pentesting | Full WiFi attack chain in a virtualized 802.11 lab — monitor mode, rogue AP, deauth flood, WPA/TKIP handshake capture, and an aircrack-ng dictionary attack with rockyou |
| ⚔️ Windows Exploitation — Metasploit + ngrok | Exposed a Metasploit listener through an ngrok TCP tunnel, delivered a reverse_http Meterpreter payload to a Windows 10 VM, landed a live session, and ran post-exploitation enumeration — isolated lab only |
| 🎯 Financial-Sector Threat Model & Adversary Analysis | Direct & indirect targeting factors, supply-chain pivot paths, ranked adversary classes, and capability / timeframe assessment for a Kenyan asset-management firm |
| 🧱 Student Records — PHP + MySQL CRUD App | Full create / read / update / delete over MySQL using PHP PDO with prepared statements, results rendered in a Bootstrap table |

- Cloud & Infrastructure-as-Code
- Scripting & Automation
- Offensive (Web / API)
- Network & Detection

🎯 Currently pursuing
- AWS Certified Cloud Practitioner → AWS Certified Security – Specialty
- HashiCorp Terraform Associate
- Burp Suite Certified Practitioner (BSCP)

- 💼 LinkedIn — elvis-mbugua
- 🌐 Portfolio — 3lv15p4ck3t.netlify.app
- 📧 Email — [your professional email]