Heartbeat
Internal threat operations platform for news aggregation, geolocation mapping, ransomware tracking, and LLM-assisted monthly TI review workflows.
Internal ToolNotable Work
Tools Iβve built for threat intelligence, detection engineering, and incident response, from internal CTI workflows to public investigation utilities.
Huntsman
Agentic threat intelligence and hunting workspace using RAG over live sources and uploaded reports to build executable Sentinel/XDR hunt packages.
RAG
Sentinel/XDR
Hunt Packages
KQL
Internal Tool
ShadowPulse
Unified IP, domain, and hash investigation across VirusTotal, Shodan, GreyNoise, and AbuseIPDB.
FastAPI
Security tooling
View live tool β
Work Experience
Incident Responder
Oct 2025 β PresentEY
Support incident response engagements across triage, scoping, containment advisory, evidence coordination, and forensic artifact analysis. Manage CTI workflows, mentor analysts, and build internal tooling for threat operations and detection engineering.
IR
Forensics
CTI
X-Ways
Magnet AXIOM
FTK Imager
Arsenal Image Mounter
OpenCTI
KQL/SPL
Software Engineer Intern
May β Aug 2024LandingPad
Improved UI/UX resulting in 25% increase in user engagement. Redesigned frontend components using Tailwind CSS, Liquid (Shopify), and JavaScript. Integrated Shopify with QuickBooks.
UI/UX
Tailwind CSS
Liquid
JavaScript
Shopify
SOC Analyst Intern
Dec 2021 β Aug 2022Ensign InfoSecurity
Triaged 300+ security alerts using SIEM and CrowdStrike EDR, produced threat intelligence reports, and identified 50+ client-specific vulnerabilities from underground forums and feeds.
SOC
Alert Triage
CTI
SIEM
CrowdStrike
Cyber Security Specialist
Dec 2018 β Aug 2021Digital Intelligence Service Β· Seconded to Cyber Security Agency of Singapore
Pioneer batch of Cyber Specialists conducting threat hunting, SOC monitoring, and digital forensics for government cyber operations and Critical Information Infrastructure environments.
Threat Hunting
SOC
Splunk
QRadar
Forensics
Full Stack Developer Intern
Dec 2017 β Feb 2018Henderson Security Services Pte Ltd
Completed various full-stack development tasks during internship.
Full Stack
Web Development
Skills & Tooling
IR & Forensics
Triage, containment, root cause analysis, X-Ways, Magnet AXIOM, FTK Imager, Arsenal Image Mounter
Threat Intel & Hunting
OSINT, underground forum analysis, CVE analysis, threat actor profiling, detection engineering
SIEM & EDR
Splunk SPL, Microsoft Sentinel KQL, QRadar, CrowdStrike, OpenCTI
Development
Python, JavaScript, FastAPI, Claude, Gemini, OpenAI, RAG workflows, LLM integration
CTF Competitions
BrainHack CDDC 2023
Cyber Defenders Discovery Camp - National cybersecurity competition
Top 6%
2023
Read writeup β
Grey Cat The Flag 2022
NUS Greyhats annual CTF competition
Top 25%
Top Writeup
2022
Read writeup β
STANDCON 2022
Annual cybersecurity conference and CTF
Top 15%
2022
Read writeup β
STACK the Flags 2022
GovTech national CTF competition
Top 10%
2022
Read writeup β
Certifications
Blue Team Level 1 (BTL1)
Security Blue Team certification for junior Security Analysts
Blue Team
Verified
Verify badge β
Certified Ethical Hacker (CEH)
EC-Council certification for ethical hackers
Red Team
Verified
Verify badge β
Heartbeat
Internal platform for weekly threat operations, automated security news aggregation, ransomware tracking, geolocation mapping, and monthly TI review workflows.
Threat Intel
LLM
Python
Internal Tool
Huntsman
Uses RAG over live sources and uploaded reports to extract IOCs/TTPs, generate and validate behavior-led KQL, and guide analysts through Sentinel/XDR investigations.
RAG
Sentinel/XDR
Hunt Packages
KQL
Internal Tool
docstack
Merge, splice, and rotate PDFs directly in your browser. 100% client-side - files never leave your device
Web App
JavaScript
Privacy
Try the app β
ShadowPulse
Investigate IPs, domains, and file hashes in one place. Aggregates intel from VirusTotal, Shodan, GreyNoise, and AbuseIPDB
Web App
Python
FastAPI
View live tool β
disable-windows-defender
PowerShell automation for Windows Defender control in malware analysis environments
Tool
PowerShell
Open GitHub β
VoicePointGPT
AI-powered script and voiceover generation for PowerPoint presentations
AI
Python
OpenAI
Open GitHub β
GPThreatIntel-Summarizer
Automated threat intelligence report summarization using OpenAI
AI
Security
Python
Open GitHub β
Budget Tracker Bot
Telegram bot for budget tracking and expense management
Bot
Python
Telegram
Open GitHub β
EMA-License-Verifier
Web scraper for validating licenses in Singapore's Energy Market Authority database
Scraper
Python
Open GitHub β
M1-Volatility2
Dependency installer for Volatility 2 on Kali Linux ARM architecture
Forensics
Shell
Open GitHub β
Building an External CS:GO Wallhack
A CS443 write-up on process memory modification, entity traversal, and safe game-state visualization in an offline lab
Reverse Engineering
Python
Jun 2026
Read write-up β
Building Docstack: A Technical Deep Dive
How I built a privacy-first PDF merger with cross-file page management
Web Development
Dec 2025
Read case study β
Ebolas Stealer: A New Hybrid Threat in 2025
Analysis of a new hybrid infostealer targeting gaming platforms
Malware Analysis
Feb 2025
Read analysis β
DarkCrystal RAT disguising as fake Luna Grabber
Uncovering a RAT masquerading as a popular credential stealer
Malware Analysis
Jan 2025
Read analysis β
