Projects

Security, systems, and tooling - built in Rust

A pentesting toolkit that runs as an MCP server. Wraps 16 industry-standard security tools plus Metasploit Framework behind a 6-layer safety architecture, exposing 34 MCP endpoints to AI assistants with input validation, output sanitisation, and session-aware context budgeting for local AI models.

Rust MCP AI Pentesting Metasploit OWASP Automation Security

TypeScript MCP client for the Raven Nest pentesting server. Communicates via JSON-RPC 2.0 over stdio, providing tool discovery, inspection, and execution through both an interactive REPL and one-shot CLI commands.

TypeScript Bun MCP JSON-RPC Security

Comprehensive automation tool for securing Linux systems. Scans for misconfigurations, applies hardening recommendations, and enables safe rollback of changes. Features CLI, desktop (Tauri), and web interfaces. Published on the Arch User Repository (AUR).

Rust Tauri Leptos Trunk WebKitGTK SQLite Ed25519 WASM

GTK4 keybinding manager for Hyprland with conflict detection, security validation, and automatic backups. Published on the Arch User Repository (AUR).

Rust GTK4 Hyprland

Common security tasks like password strength analysis, hash generation, and basic network scanning often require multiple separate tools or online services (which may not be trustworthy). Need a unified, offline toolkit for security professionals and developers.

Rust Argon2id ring (Crypto) clap (CLI) tokio (Async)

Need a lightweight, real-time system monitoring solution that doesn't require heavyweight frameworks or complex installations. Traditional monitoring tools are often over-engineered for personal use or local development environments.

Rust Actix-web Server-Sent Events sysinfo HTMX

Chess application built as a Rust workspace with clean crate separation - pure domain logic, async Stockfish UCI engine integration, and an egui desktop GUI with graphical board rendering.

Rust egui Tokio UCI Protocol Stockfish

Backing up GitHub repositories manually is tedious and error-prone. Need an automated solution to export repositories with full metadata (issues, pull requests, releases) for archival, migration, or offline access.

Rust GitHub REST API reqwest (HTTP) tokio (Async) serde (JSON)

A hand-rolled BitNet b1.58 implementation in pure Rust. Every component written from scratch as a learning exercise: tensor type with AVX-512/AVX2 SIMD matmul, tape-based autograd, ternary quantisation with straight-through estimator, transformer block (RMSNorm, multi-head attention with RoPE, SwiGLU FFN), training loop, KV-cached inference, and a CUDA back-end with cuBLAS int8 GEMM on tensor cores. No third-party ML dependencies.

Rust CUDA cuBLAS AVX-512 Machine Learning Transformers

Desktop TV guide for Swedish television. Fetches programme schedules from tv24.se, caches them locally in SQLite, and presents them in a clean timeline grid. Designed for people who just want to see what's on: large text, simple navigation, no account required.

Rust Tauri SolidJS TypeScript SQLite Vite

A Rust CLI tool for extracting page titles, links, headers, and meta tags from web pages. Supports an interactive prompt or scripted invocation via flags. Outputs plain text, JSON, or HTML.

Rust CLI reqwest (HTTP) scraper

Most portfolio websites focus on aesthetics over security. I needed a platform that demonstrates production-grade security engineering whilst showcasing my projects and technical expertise.

Rust Actix-web 4.11 PostgreSQL 17 SQLx Argon2id HTMX Alpine.js Tailwind CSS

Project Details

Raven Nest MCP

MCP Pentesting Server • Security

Key Features

Wraps 16 security tools plus Metasploit Framework (34 MCP endpoints total)
Recon: nmap, masscan, whatweb, subfinder, dnsrecon
Vulnerability and web fuzzing: nuclei, nikto, wpscan, dalfox, feroxbuster, ffuf
Exploitation and cracking: sqlmap, hydra, john, testssl, enum4linux-ng
6-layer safety: allowlist, input validation, preset args, timeouts, output sanitisation, quality assessment
Session-aware context budget tracker with three modes (full, compact, minimal) for local AI models
Structured findings persistence with OWASP Top 10 mapping and markdown report generation
179 unit and integration tests across 3 crates (raven-core, raven-report, raven-server)

Tech Stack

Rust MCP AI Pentesting Metasploit OWASP Automation Security

GitHub GitLab

Raven Nest Client

MCP Client • Security

Key Features

JSON-RPC 2.0 transport over stdio to the Rust MCP server (v0.3, 34 tools)
Interactive REPL with tab completion and persistent command history
One-shot CLI mode for scripting and automation
Typed wrappers for finding CRUD, scan management, and report generation
39 unit and integration tests (56 assertions)
61 E2E tests covering all 34 server tools against Juice Shop and bWAPP
Configurable server binary path and config via environment variables

Tech Stack

TypeScript Bun MCP JSON-RPC Security

GitHub GitLab

Linux System Hardener

Security Automation • Security

Problem Statement

Securing Linux systems requires expertise across kernel parameters, SSH, firewalls, PAM, and more. Manual hardening is error-prone and challenging to reverse. Existing tools lack comprehensive coverage or safe rollback capabilities.

Solution Approach

Built a plugin-based hardening framework with checkpoint-based rollback using Ed25519-signed SQLite snapshots. Eight security plugins cover kernel hardening, SSH, firewalls (nftables/firewalld/ufw), PAM, services, auditd, file permissions, and MAC frameworks (SELinux/AppArmor).

Key Features

Security scanning to identify configuration weaknesses
Automated hardening with dry-run capabilities
Checkpoint-based rollback with Ed25519-signed SQLite snapshots
Hash-chain audit logging for tamper-evident change history
Multi-distribution support (Ubuntu, Debian, Fedora, RHEL, Arch, openSUSE)
CLI, Tauri desktop, and Trunk WASM web interfaces
Scheduled scanning via systemd timers
714+ tests total: 514+ Rust unit and integration, 84 Playwright Web UI, 95 desktop UX and functional, 21 Node.js GUI
Available on AUR for Arch Linux users

Security Plugins

Kernel Hardening SSH Security Firewall (nftables) PAM Auth Service Minimisation Audit Daemon File Permissions SELinux/AppArmor

Tech Stack

Rust Tauri Leptos Trunk WebKitGTK SQLite Ed25519 WASM

GitHub GitLab AUR Package

Hyprland Keybind Manager

GTK4 Application • Systems

GTK4 keybinding manager for Hyprland with conflict detection, security validation, and automatic backups. Published on the Arch User Repository (AUR).

Key Features

Conflict detection for keybindings
Security validation
Automatic backup system
GTK4-based user interface
Available on AUR for Arch Linux users

Tech Stack

Rust GTK4 Hyprland

GitHub GitLab AUR Package

Security Toolkit

CLI Security Tools • Security

Problem Statement

Solution Approach

Created a comprehensive command-line security toolkit in Rust providing multiple security utilities in one binary. Implements industry-standard algorithms and practices, with a focus on educational output that explains the "why" behind each tool.

Password strength validator (entropy-based, not just character rules)
Hash generator (Argon2id, bcrypt, PBKDF2, SHA-256/512)
Network scanner (port scanning, service detection)
Certificate inspector (TLS/SSL certificate analysis)
Entropy analyser for randomness testing
Educational output explaining security concepts

Security & Ethics

Educational purpose - includes explanations and best practices
Ethical usage warnings in CLI and documentation
Legal disclaimer: only use on systems you own/have permission
No password transmission - all processing local
Uses well-audited cryptographic libraries (ring, argon2)

Tech Stack

Rust Argon2id ring (Crypto) clap (CLI) tokio (Async)

GitHub GitLab

System Monitor

Real-time Dashboard • Systems

Problem Statement

Solution Approach

Developed a Rust-based system monitoring dashboard using Server-Sent Events (SSE) for real-time updates. The backend collects system metrics (CPU, memory, disk, network) and streams them to the frontend via SSE. HTMX handles dynamic updates without writing custom JavaScript.

Server-Sent Events for efficient real-time streaming
sysinfo crate for cross-platform system metrics
HTMX for declarative real-time UI updates
Minimal resource overhead (~5MB RAM, <1% CPU)
Historical data tracking with time-series visualisation

Key Challenges

SSE Connection Management: Handling client disconnections gracefully and preventing memory leaks. Implemented automatic clean-up with weak references.
Cross-Platform Metrics: Different APIs for Linux, macOS, Windows. Leveraged sysinfo crate's abstraction layer for consistency.
Update Frequency Balance: Too frequent = resource waste, too slow = stale data. Settled on 1-second intervals with configurable throttling.

Learning Outcomes

Gained deep understanding of SSE protocol and its advantages over WebSockets for unidirectional data streaming. Learnt how to efficiently collect system metrics in Rust and manage async tasks. Discovered HTMX's power for building real-time UIs without complex JavaScript frameworks.

Tech Stack

Rust Actix-web Server-Sent Events sysinfo HTMX

GitHub GitLab

Rust Chess Engine

Desktop Application • Algorithms

Chess application built as a Rust workspace with clean crate separation - pure domain logic, async Stockfish UCI engine integration, and an egui desktop GUI with graphical board rendering.

Key Features

Workspace architecture - core, engine, and desktop crates
Stockfish UCI integration with configurable skill levels and search depth
egui desktop GUI with graphical board and piece rendering
Pure domain logic with zero external dependencies in core crate

Tech Stack

Rust egui Tokio UCI Protocol Stockfish

GitHub GitLab

Repository Exporter

Automation Tool • Automation

Problem Statement

Solution Approach

Built a CLI tool that interfaces with GitHub's REST API to export repositories as structured archives.

GitHub REST API integration with authentication
Parallel fetching for performance (async/await)
Multiple export formats (JSON, Markdown, ZIP)
Incremental exports (only fetch changes since last run)
Rate limiting awareness (respects GitHub API limits)

Tech Stack

Rust GitHub REST API reqwest (HTTP) tokio (Async) serde (JSON)

GitHub GitLab

BitNet Toy

Pure-Rust ML • Algorithms

Problem Statement

Wanted to genuinely understand BitNet b1.58 (ternary weights with INT8 activations, trained via straight-through estimator) by writing every layer from scratch in Rust with no third-party machine learning dependencies.

Solution Approach

Built a single-crate implementation: tensor + autograd + quantisers + transformer + training + inference + binary export, plus an optional CUDA back-end behind a feature flag for tensor-core int8 training.

Key Features

Trains end-to-end on TinyShakespeare in 8-15 min on CPU (val_ppl 4.869 at 30k cumulative steps)
Three on-disk formats: f32 with masters (lossless resume), ternary i8 (2.92x), base-3 packed (6.02x)
Runtime-detected matmul: AVX-512 (16 f32/step), AVX2 (8 f32/step), scalar fallback; multi-threaded across output rows
CUDA back-end via cudarc 0.19: cuBLAS sgemm + 9 hand-rolled NVRTC kernels + per-op trait abstraction
Real BitNet ternary training on Ada tensor cores via cublasGemmEx int8 GEMM (cuBLAS_GEMM_DEFAULT_TENSOR_OP)
KV-cached inference around 50 to 100 times faster per token than the full forward path
137 tests on default build, 169 with --features cuda; zero warnings on cargo build --release

Tech Stack

Rust CUDA cuBLAS AVX-512 Machine Learning Transformers

GitHub

TV-Tabla

Desktop TV Guide • Systems

Key Features

Now view: horizontal timeline grid with a live now-marker, channels as rows, programmes as time-proportional blocks
Favourites: star programmes by title and see all upcoming airings across channels and days
Week planner: browse schedules up to 5 weeks ahead, day by day per channel
Offline-first: cached data displays instantly, background refresh keeps it current
Multilingual UI: Swedish (default), English, Portuguese
Channel management: toggle visibility and reorder to your preference
Privacy-respecting: no accounts, no tracking, all data stays local

Tech Stack

Rust Tauri SolidJS TypeScript SQLite Vite

GitHub

Web Scraper

CLI Extraction Tool • Automation

A Rust CLI tool for extracting page titles, links, headers, and meta tags from web pages. Supports an interactive prompt or scripted invocation via flags. Outputs plain text, JSON, or HTML.

Key Features

Interactive URL prompt when no argument is supplied
Extracts title, links (with duplicate detection), h1 to h6 headers, and meta tags (name, OpenGraph, http-equiv)
Output formats: plain text, JSON, HTML
Configurable delay flag for rate-limit respect
Timeout handling and error recovery
Installable globally via cargo install --path .

Tech Stack

Rust CLI reqwest (HTTP) scraper

GitHub

Security-First Portfolio

This Website • Security

Problem Statement

Most portfolio websites focus on aesthetics over security. I needed a platform that demonstrates production-grade security engineering whilst showcasing my projects and technical expertise.

Solution Approach

Built a full-stack web application using Rust and Actix-web with a security-first architecture.

JWT authentication with refresh token rotation
Argon2id password hashing (OWASP recommended)
10 OWASP security headers (CSP, HSTS, COOP, etc.)
Rate limiting with account lockout protection
PostgreSQL with Row-Level Security (RLS)
Request tracing with unique IDs for audit correlation

Security Considerations

Zero-trust architecture - validate everything
Defence in depth - multiple security layers
Transparent security posture via /security endpoint
Automated security scanning in CI/CD (cargo audit)
Token transport via Authorization header (CSRF-immune)

Tech Stack

Rust Actix-web 4.11 PostgreSQL 17 SQLx Argon2id HTMX Alpine.js Tailwind CSS

View Security

Let's Build Something

I'm looking for a team that cares about code quality, security, and having a good time doing it. Based in Göteborg, open to remote - backend, security engineering, or DevSecOps.

Get in Touch Download CV

Projects

Raven Nest MCP

Raven Nest Client

Linux System Hardener

Hyprland Keybind Manager

Security Toolkit

System Monitor

Rust Chess Engine

Repository Exporter

BitNet Toy

TV-Tabla

Web Scraper

Security-First Portfolio

Let's Build Something

Theme Settings

Theme

Background

Accent Colour

Font

Pixel Effects