February 2018 - Present
April 2016 - January 2018
November 2007 - September 2014
Offensive Security
Offensive Security
GIAC Certifications
Tigerscheme, United Kingdom
Bond Solon, United Kingdom
Programming Languages: | C/C++, C#, Java, Object Pascal (Delphi), Visual Basic, Perl, Python, PHP, ECMAScript 6 (ES6), Bash, Nix, 8086, 80386, Dalvik |
Databases: | SQL (MySQL/MSSQL), XQuery, MongoDB, Elasticsearch |
Artificial Intelligence: | PyKE (Python Knowledge Engine) |
Web Framework: | ReactJS, React-Native, Django, DotNetNuke |
Gaming Engine: | Unreal Engine 4, Unity |
Forensics Tools: | Access Data FTK Imager, Access Data Forensics Toolkit (FTK) 1.81 & 3.0, Volatile, PhotoRec |
Operating Systems: | Microsoft Windows Server, Microsoft Windows Hyper-V Server, Debian, CentOS, FreeBSD, NixOS, VMware ESXi |
Others: | Apache Kafka, Apache Heron, Kubernetes, Docker |
Cantonese | Native Proficiency |
English | Full Professional Proficiency |
Mandarin | Full Professional Proficiency |
University of South Wales (USW), South Wales, United Kingdom
September 2014 - December 2015
University of South Wales (USW), South Wales, United Kingdom
September 2011 - August 2014
University of South Wales, United Kingdom
Penetration Framework
This project produces a penetration framework that is flexible enough to support
additional modules for penetration testing tools. The framework includes five modules,
namely SQLMap, NMap, Nikto2, Skipfish and Arachni. It provides
a Web interface through which users test target systems or
applications by entering parameters into input boxes. The test results are parsed
and stored in a database for later use, and can be viewed by selecting the testing task
in the Web interface. A vulnerable server installed with Metasploitable 2
is used to evaluate the penetration framework. The final outcome of this project should
be a flexible and efficient penetration framework.
University of South Wales, United Kingdom
Log Correlation based on Snort, OSSEC and OpenVAS using PyKE
This project produces a log correlation program that correlates logs from a Network
IDS (Snort), a Host IDS (OSSEC) and a Vulnerability Scanner
(OpenVAS) in order to improve the accuracy of intrusion detection. The
program uses PyKE, a Python Knowledge Engine, to parse
and correlate the alert messages from the Intrusion Detection Systems and identify real
intrusions and false alarms. A set of intrusions is simulated and generated using
a penetration testing tool (Metasploit) within a virtual computer network,
and this set is used to evaluate the log correlation program. The final
program should be able to identify false alarms and increase the accuracy
of intrusion detection.