Rustinel is an open-source endpoint detection runtime for Windows and Linux. It collects native telemetry from ETW and eBPF, normalizes events into Sysmon-style fields, evaluates Sigma, YARA, and IOC detections, and emits ECS-compatible NDJSON alerts.

A complete speech segmentation system using Kaldi and x-vectors for voice activity detection (VAD) and speaker diarisation.

Experimental closed-loop EDR evaluation framework, automated artifact mutation, sandboxed execution, telemetry collection, and explainable triage. Understands why detections trigger. M.Sc. Cybersecurity thesis (EPFL, 2026).

"Python-based security tool for detecting suspicious processes"

Graph-powered EDR agent with LLM threat analysis, real-time IOC matching, and chain-aware response actions

On a scale of one to America, this NextGen Norton Antivirus EDR just made enterprise-grade defense free. Built by a Norton, carrying forward a name rooted in cybersecurity history, reimagined for modern threats.

🚀 Suspend EDR and antivirus processes easily with EDR-Freeze, a user-mode tool that bypasses complex driver vulnerabilities on Windows.

Endpoint triage system for detecting suspicious activity using Python, MITRE ATT&CK mapping, and HTML threat reports.

Deployed Sysmon on Windows 10 with a custom XML ruleset to detect process creation, LOTL techniques, and encoded PowerShell execution via MITRE ATT&CK T1059.

Collection of scripts for Fidelis CyberSecurity EDR

🔍 Detect threats with Rustinel, a high-performance Windows EDR agent that leverages ETW to collect telemetry and outputs alerts for easy SIEM integration.