Skip to content
View dbaimakov's full-sized avatar
1 follower · 1 following
  • Toronto
  • 22:37 (UTC -12:00)

Achievements

Achievement: QuickdrawAchievement: Pull Shark

Achievements

Achievement: QuickdrawAchievement: Pull Shark

Block or report dbaimakov

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
dbaimakov/README.md

Dmitriy Baimakov banner

Hi, I'm Dmitriy 👋

Cybersecurity Engineer • Application Security • Secure Backend Engineering • Android Development • Full Stack Applications

I build secure software, practical security labs, and telemetry-driven workflows that turn findings into fixes — across application security, backend systems, mobile apps, databases, cloud-connected tooling, and defensive analysis.

About Me

I’m a cybersecurity engineer focused on both testing systems responsibly and building them securely. My work sits at the intersection of application security, secure engineering, threat detection, infrastructure visibility, and full stack development.

What I enjoy most is taking a problem through the full cycle: identifying risk, validating impact, analyzing system behavior, and turning that into stronger authentication, cleaner architecture, better hardening, and more resilient applications.

Expertise grid

What I Work On

  • Application Security: DAST, SAST support, WAF tuning, web vulnerability validation, adversary emulation, and remediation-focused analysis
  • Detection & Defensive Engineering: SIEM onboarding, log pipeline customization, alert tuning, traffic analysis, event correlation, and telemetry that supports investigation and response
  • Secure Engineering: Java, Spring Boot, REST APIs, authentication and session design, Dockerized services, and database-backed applications
  • Full Stack & Mobile Development: Android / Kotlin development, secure local storage, thoughtful UX, and end-to-end application design across frontend, backend, and data layers
  • Automation & Operations: PowerShell, Python, Ansible, cloud-connected workflows, API integrations, and tooling that improves visibility and reduces manual security effort

Core Tools & Platforms

Application Security: Burp Suite Pro, WebInspect, Fortify SSC, Rapid7, Nikto, SQLmap, WPScan, OpenVAS
WAF / Edge Security: BIG-IP F5, Cloudflare
SIEM / Telemetry: Microsoft Sentinel, ELK (Elasticsearch, Logstash, Kibana), Splunk, Securonix, AlertLogic
IDS / Endpoint Security: SentinelOne, Sophos, Trellix, Microsoft Defender
Security Analysis: Wireshark, Maltego, SpiderFoot, Recon-ng, theHarvester, Sn1per, Metasploit, Nmap
Cloud / IAM / Automation: AWS, Azure, Okta ASM, PowerShell, Python, Ansible
Platforms: Linux, macOS, Windows

Pinned Loading

  1. microtwitter-platform microtwitter-platform Public

    Spring Boot microservices platform with user management, subscriptions, messaging, timeline aggregation, GitHub OAuth 2.0, JWT, MySQL, Docker Compose, and GitHub Actions

    Java 1

  2. RedVsBlue RedVsBlue Public

    Hands-on web application security lab showcasing adversary emulation, defensive log analysis, validated findings, and practical hardening guidance.

  3. DAST-Labs-Index DAST-Labs-Index Public

    Curated index of DAST-focused web security labs covering discovered vulnerabilities, proof-of-concept validation, and remediation context.

    1

  4. ELK-Stack_project_1 ELK-Stack_project_1 Public

    ELK-based security monitoring lab for collecting, parsing, and visualizing host and network telemetry to support investigation and analysis.

    Shell 1