OFFENSIVEBY DESIGN.

scroll ↓

I work with the systems
attackers actually target.

Post-quantum transport, hardened tooling, and ML pipelines that hold up to real-world adversaries — built end-to-end, shipped open-source, audited in production.

0K

Tool downloads

0

CVEs disclosed

0M

Events / day

0.00%

Uptime SLO

Research

Selected
research & tools.

2024 — 2026

Read article
open source

Post-Quantum Transport · Rust

Project Velocity

A production-grade, open-source transport protocol designed to succeed TLS 1.3 + QUIC. Hybrid X25519 + ML-KEM key exchange, Dilithium + ECDSA signatures, UDP foundation, ALPN velocity/1, graceful HTTP/3 fallback.

↗ source
Read article
community

Minecraft Fabric Mod · Java

Carpet PvP Practice

A server-side and singleplayer Fabric mod with 79K+ downloads. Spawns persistent fake-player bots for offline PvP drilling, re-enables 1.8 combat mechanics, supports MC 1.21.5–1.21.11 under Apache-2.0.

↗ source
Read article
research

Vulnerability research · Methodology

Memory-Safety Field Notes

A working notebook for reading CVE writeups with intent — focused on building the pattern-recognition that transfers between bug classes, not on becoming a professional pwner.

→ details
Read article
engineering

Applied ML · Auth log streams

SOC-Trusted Anomaly Detection

A reference architecture for authentication anomaly detection that prioritizes p99 latency and explanation quality over benchmark AUC — the only metrics that survive contact with a real SOC.

→ details
Open on GitHub

Researcher.Builder.Defender.

Years at the intersection of offensive security and applied AI — published research, open-source tools, and quiet consults for teams shipping things that actually matter.

Connect with andrewctf

Capabilities

Four disciplines,one craft.

/ 0192

Offensive Security

Exploit development, fuzzing, threat modeling, and red-team automation. CVE disclosure and patient adversary emulation.

exploit devfuzzingred-teamcve research
Find out more
/ 0295

AI / ML Research

Production ML systems and AI safety research. Anomaly detection, robust training, red-teaming LLM pipelines.

llm safetymlopsanomaly detectionpytorch
Find out more
/ 0388

Post-Quantum Crypto

Hybrid PQ transport, key-exchange engineering, and formal verification of cryptographic state machines.

kyberx25519noise protocolformal methods
Find out more
/ 0490

Systems & Infrastructure

Hardened, observable infrastructure. Zero-trust networks, signed releases, sandboxing, and supply-chain integrity.

zero-trustsigstorekernel hardeningobservability
Find out more

Testimonials

Stories worthsharing.

tap to read · scroll