ServiceMesh

L7 proxy with circuit breakers

• Throughput: 52M ops/sec using lock-free atomics + DashMap
• Protocols: HTTP/2 and gRPC with full streaming support (Hyper/Tonic)
• Reliability: Circuit breaker with configurable thresholds, exponential backoff
• Observability: Prometheus metrics, graceful shutdown, connection pooling

→ read more

Dredge

AI-powered binary vulnerability discovery

• Pipeline: 6-stage automated flow — extract firmware, decompile with Ghidra, triage, analyze with Claude
• Profiles: Domain-specific heuristics and prompts for drone, server, satellite, and IoT targets
• Triage: Scores functions 0-100 with fast heuristics before expensive LLM calls
• Detection: Attack chain correlation — correlated findings boost severity (e.g., hardcoded creds + auth bypass)

→ read more

Sentinel

Embedded SIEM log pipeline

• Ingest: Suricata EVE, Cowrie honeypot, C2 beacons, syslog (RFC 5424/3164), arbitrary JSON
• Enrichment: GeoIP lookups, threat intel feed matching, MITRE ATT&CK mapping
• Detection: TOML-driven rule engine with correlation — reconstructs kill chains across sources
• Output: Ratatui TUI dashboard, HMAC-signed webhooks, Prometheus metrics, REST API with CSV/JSON export

→ read more

UDP-Relay

MAVLink v2 telemetry aggregator

• Ingest: UDP listener on :14550 with MAVLink v2 frame parsing and CRC-16/MCRF4XX validation
• Registry: Thread-safe drone registry tracking position, attitude, battery, and flight mode for 250 vehicles
• Streaming: Non-blocking pub/sub hub fans events to filtered WebSocket subscriptions
• Ops: Prometheus metrics, token bucket rate limiting, IP/CIDR whitelisting, distroless Docker image

→ read more

Gretun

GRE tunnel management CLI

• Networking: Site-to-site VPN tunnels for cloud VPC interconnection
• Low-level: Direct netlink integration for kernel network configuration
• Features: Tunnel creation, health probing (ICMP), route table manipulation
• Cloud-native: Multi-cloud support (AWS, GCP, Azure virtual networks)

→ read more

Go-Hunter

Multi-cloud attack surface management

• Scale: 1,000 assets/min across 5 cloud providers (AWS, GCP, Azure, Cloudflare, DO)
• Architecture: Multi-tenant SaaS with encrypted credential storage and audit logging
• Performance: Concurrent goroutine workers with per-provider rate limiting
• Security: SHA256 drift detection, age encryption, row-level tenant isolation

→ read more

Forge-DB

SIMD-accelerated vector database

• Performance: 13K QPS at 75us latency with AVX2/AVX-512 optimization
• Efficiency: 32x memory compression via 8-bit quantization, 95%+ recall
• Portability: Pure Rust, zero external dependencies, no_std compatible
• Algorithms: IVF-PQ indexing + HNSW graph search for similarity queries

→ read more

Sensor-Bridge

Lock-free sensor fusion pipeline

• Throughput: 2.2B items/sec with ~20ns end-to-end latency
• Optimization: Cache-padded SPSC buffers to avoid false sharing
• Lock-free: Sub-nanosecond ring buffer ops using atomics (no CAS loops)
• Embedded: no_std compatible for bare-metal environments

→ read more

Nodix

Real-time compute graph for robotics

• Real-time: <1ms p99 latency with EDF/Rate Monotonic scheduling
• Throughput: 5,000+ iterations/sec for sensor fusion pipelines
• Concurrency: Zero-copy data flow using Arc and lock-free channels
• Correctness: DAG validation with topological sort and cycle detection

→ read more

keysmith

Kubernetes operator for automated secret rotation

• Operator: SecretRotationPolicy CRD reconciled by controller-runtime; immutable RotationRecord audit trail per attempt
• GitOps: declarative rotation policies live next to workload manifests; Kustomize overlays + single-manifest deploy
• Providers: pluggable interface — AWS Secrets Manager, HashiCorp Vault, built-in crypto/rand generator
• Observability: Prometheus metrics, OpenTelemetry tracing, rolling restarts of Deployments/StatefulSets/DaemonSets

→ read more

Elastic Collision Engine

OpenCL GPU compute + spatial hashing for 1000-particle physics

• GPU compute: OpenCL kernels for parallel collision resolution, one work item per particle
• Spatial hashing: O(n) broad-phase detection via uniform grid, 9-cell neighborhood lookup
• Physics: Elastic collision formula with mass-weighted positional correction
• Architecture: CPU/GPU split — grid built CPU-side, collision resolution GPU-side

→ read more

UART-Cpp

Bare-metal UART driver for STM32F4

• No HAL: Direct register access via CMSIS only, ~200 lines replacing 20,000+ of generated code
• Interrupt-driven: Non-blocking TX via on-demand TXEIE, ISR-driven RX with ring buffers
• Lock-free: SPSC ring buffers with volatile index semantics, no atomics or critical sections
• Clocks: 8 MHz HSE to 84 MHz SYSCLK via PLL with correct flash latency ordering

→ read more

PID Motor Control

Closed-loop PID controller on STM32F411RE with IMU feedback

• Control: 1kHz PID loop in TIM2 ISR with derivative-on-measurement and integral anti-windup
• Sensing: MPU-6050 IMU at 400kHz I2C, complementary filter (alpha=0.98)
• Actuation: TB6612FNG motor driver, 20kHz PWM, sign-magnitude drive (-1.0 to +1.0)
• Tuning: UART CLI for live Kp/Ki/Kd adjustment, step response CSV capture for plotting

→ view project

ESP32-S3 RF Board

50x40mm 4-layer RF dev board, bare QFN56 die

• RF: 50-ohm microstrip trace (0.6mm on L1), Johanson chip antenna + u.FL test port
• Stackup: JLC04161H-7628, solid GND on L2, 3.3V plane on L3, 45-degree bends
• Layout: GND stitching vias at 6mm (lambda/10 at 2.4GHz), 5mm antenna keepout, parametric Python generation
• Firmware: ESP-IDF v5 bring-up — dual-core WiFi scan + status LED validates RF path

→ view project

Raft Consensus on MCUs

Distributed consensus on a 5-node ESP32-S3 cluster

• Protocol: Full Raft implementation — leader election, log replication, InstallSnapshot
• Transport: ESP-NOW mesh (250B frames, 1-10ms latency), broadcast + unicast
• Persistence: SPI FRAM for term/vote (unlimited writes), SPI Flash for log with wear-leveling
• Application: Distributed sensor fusion, synchronized RGB LEDs, serial KV store

→ view project

LoRa Sensor Node

Raw LoRa P2P sensor link with SPI-level debugging

• Radio: SX1262 on 915MHz ISM, SF9/125kHz, raw LoRa modulation (not LoRaWAN)
• Hardware: 2x Heltec WiFi LoRa 32 V3 (ESP32-S3 + SX1262 + OLED), DHT11 sensor
• Debugging: 24MHz logic analyzer captures of SX1262 SPI bus with annotated command sequences
• Protocol: Point-to-point TX/RX with RSSI/SNR monitoring, RadioLib driver

→ view project

FreeRTOS STM32

5-task preemptive firmware on STM32F411RE @ 100MHz

• Pipeline: Queue-based sensor → processing → UART TX with ISR-safe xQueueSendFromISR
• Watchdog: Supervisor task (P=4) feeds IWDG only when all tasks check in — resets on hang
• Persistence: Config struct in flash with CRC32 validation, safe fallback to defaults
• CLI: UART shell (status, config get/set, task suspend) via ISR-fed rx_char_queue

→ view project

Spectrum Analyzer

Portable RF spectrum analyzer with real-time OLED display

• Display: Real-time spectrum visualization on OLED for RF debugging
• Hardware: ESP32 + OLED + antenna pigtail + SD card logging
• Use case: Debugging LoRa, WiFi, and BT projects in the field
• Goal: Hands-on tool for learning radio frequency fundamentals

→ view project

Underwater Acoustic Modem

BFSK acoustic communication for UUV command links

• Modulation: BFSK — 10kHz/12kHz tones, ~1000 bps raw, ~500 bps with Hamming(7,4) FEC
• Demodulation: Goertzel algorithm (single-bin DFT at two target frequencies)
• Framing: [Preamble 8 sym][Length 1B][Payload 0-255B][CRC-16 2B]
• Hardware: ESP32 TX/RX, TB6612FNG amp, piezo transducer for underwater path

coming soon

SLAM Engine

Indoor SLAM on STM32 with EKF and occupancy grid

• State estimation: Extended Kalman Filter — [x, y, theta, v], IMU predict + scan update
• Mapping: 80x80 log-odds occupancy grid (4m x 4m, 5cm resolution) with Bresenham raycasting
• Sensing: HC-SR04 ultrasonic on SG90 servo sweep (~2Hz), MPU-6050 IMU at 100Hz
• Display: Real-time top-down map rendered on SSD1306 OLED, SD card persistence

coming soon