Cybersecurity analyst (MSc Cybersecurity, University of Wolverhampton) building practical, security-first software and tooling — from cloud compliance scanners to production retail systems.
I work where security meets shipping software: hardening applications and cloud, turning offensive-security findings into fixes, and building tools that make good security the default rather than an afterthought.
- Application & cloud security — secure-by-default architecture, threat modelling, hardening
- Offensive security — penetration testing and OWASP-driven assessment
- Detection & response — logging, monitoring, and incident readiness (SOC-minded)
- Engineering — reliable systems with CI/CD, guardrails, and clear operational docs
| Project | Summary | Stack |
|---|---|---|
| OroQ (private) | Privacy-first family-safety suite — on-device web filtering (browser extension + Android app) with end-to-end-encrypted parent reporting. By CyberHeroez CIC. | TypeScript · Android · Cloudflare Workers |
| Bardibas RetailOS (private) | Multi-tenant POS + Inventory + Accounting + Payroll for Nepal retailers — VAT/IRD compliant, offline-first. | React · Vite · Supabase · Firebase |
| ClinicOS | Clinic, pharmacy, and medical-operations platform adapted from a retail operations codebase. | React · TypeScript · Supabase |
| CloudGuard | Compliance-as-Code scanner that flags cloud misconfigurations (AWS S3 public buckets, risky IAM / security groups). CLI with HTML reports and Docker support. | Python · Docker |
| CommunityShield | URL-safety service: a browser extension + FastAPI backend that classifies links as safe / caution / danger. | Python · TypeScript |
| PortScanner | Nmap wrapper that exposes advanced scan features as clean, actionable output. | Python |
| AdBlock Ultra | Manifest V3 browser extension blocking ads/trackers via dynamic network rules, cosmetic filtering, and heuristics. | JavaScript |
- Offensive: Nmap, Burp Suite, OWASP ZAP, Nessus, Metasploit
- Defensive / monitoring: Splunk, Security Onion, pfSense
- Engineering: Python, Bash, TypeScript/JavaScript, FastAPI, React, GitHub Actions
- Platforms & cloud: AWS, Docker, Supabase, Kali Linux, Ubuntu, Windows Server
- Email: Hackmedipesh@gmail.com
- LinkedIn: in/dipeshthapa07
- Website: dipesthapa.com.np

