Skip to content

rayair250-droid/rayair250-droid

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 

Repository files navigation

Rayan

Cybersecurity student at École 2600, learning across systems & low-level security, application/web security, and smart-contract auditing — mostly by building things end to end: model it, build it, test it, and stay honest about where it breaks. Also a railway nerd, which is where a few of these projects come from.

Pinned projects

  • metroflow — discrete-event metro & rail simulator (Python/SimPy): CBTC signalling, stochastic incidents, and reserve-train dispatch by heuristic and MILP, benchmarked on 14 real GTFS lines (Paris RER → Hong Kong) with Monte-Carlo validation. Documents where predictive dispatch stops helping.
  • aizen — offline-first local-AI toolkit in Go: a RAG knowledge-index over your own docs on local models (Ollama), fully air-gapped — no cloud, no API keys.
  • my-secmalloc — security-hardened drop-in malloc in C: per-block canaries + isolated out-of-band metadata to catch heap overflows and use-after-free.
  • bug-bounty-toolkit — reproducible recon + blue-team lab: curated tool install, recon scripts and a defensive/hardening workflow.
  • web3-audit-findings — smart-contract findings with runnable Foundry PoCs from competitive audit practice (Slither · Mythril · Foundry).
  • pareido-guard — deterministic pareidolia scanner: flags face-like patterns in images with pure OpenCV, no ML/API, fully explainable.

Focus areas

  • Systems / low-level (C, Linux) — memory-safety hardening and heap internals (see my-secmalloc).
  • Application & web security — web pentesting (IDOR, auth, business logic), bug bounty, CI/CD (GitHub Actions) hardening.
  • Smart contracts (Solidity / EVM) — competitive-contest auditing: reentrancy, access control, signature/replay, business-logic bugs.

Apprenticeship

Cybersecurity governance — identity & access management (IAM / SailPoint IdentityIQ), identity governance and compliance.

Also doing

Bug bounty (web) on YesWeHack.

Beyond security

Railways & transit — signalling, operations and simulation. metroflow came straight out of that: modelling real metro/rail lines and testing how they cope with rush-hour demand and incidents.

Interests

Railways & transit systems · post-quantum cryptography · decentralized & mesh networking, off-grid comms · drones / UAV & satellite imagery · local / privacy-preserving LLMs & AI agents · reverse engineering · hardware / IoT.

Contact

📧 ray.air250@gmail.com

About

Profile

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors