ACTIVE NODE · CYBERSECURITY

Hi, I’m Ezhilan

I explore how systems break — and how to defend them — by building Cyber Security tools, and more. This lab is my corner of the internet for experiments in ethical hacking, digital forensics, and AI + security.

STATUS: learning · building · breaking (ethically)

About Me

Who am I?

I’m a student just starting my journey into ethical hacking, with a growing obsession for network security and red-team style thinking. I like to see what really happens behind the screens – the packets, protocols, and hidden paths that most people never think about.

I’m not here to just run tools; I want to understand them. I learn by building things from scratch instead of relying only on ready-made tools, because fundamentals matter more than shortcuts. Long term, my goal is simple: get really good at ethical hacking and turn this curiosity into a career in cybersecurity.

Focus Areas

I’m especially interested in:

  • Network security & traffic analysis
  • Web application security
  • Digital forensics & incident reconstruction
  • AI-assisted detection & analysis

Skills & Stack

Security Concepts

I practice core security ideas by building them: scanners, honeypots, firewalls, and detectors.

Port scanning · Honeypots · Firewall rules · Keylogger detection · Web vulns basics

Tech & Tools

My primary language is Python, with a growing toolkit around it.

Python · Sockets · Wireshark · Nmap · Linux basics · Virtual machines

Security Projects

POS-OS + ANADR

[FLAGSHIP]
Kali · CLI · strace · syscalls · NDR · DFIR · ML-ready

A stateful, kernel-truth-driven security intelligence platform built on Kali Linux that wraps command execution safely, captures system calls using strace, reconstructs per-PID forensic timelines, validates personal behavior baselines (CBSV), correlates privilege abuse with network follow-ups (ANADR), and emits explainable, ML-ready suspicion scoring with soft response recommendations.

EDR + NDR fusion · kernel truth · process causality · stealth-aware · forensics replay

Honeypot

[ARMED]
python · sockets · logging

Mission: observe attacker behavior in a controlled environment. Python socket-based honeypot that listens for incoming connections, simulates a weak target and logs interaction attempts for analysis.

deception · logging

Firewall Simulator

[ACTIVE]
python · rules engine

Mission: understand packet filtering and rule evaluation. A simulated firewall that applies allow/deny rules to packets based on ports, protocols and addresses, with logging for each decision.

defense · traffic filtering

Web Vulnerability Scanner

[SCANNING...]
python · http · recon

Mission: automate recon and surface web weaknesses. A Python-based scanner that sends crafted requests and checks for common issues like SQLi, XSS and insecure headers based on response patterns.

web security · automation

Notes & Writeups

Incoming writeups

I’m building a collection of writeups to document my experiments, mistakes, and lessons:

  • [soon] Building and analyzing a honeypot in Python
  • [soon] How port scanners really work
  • [soon] First steps into digital forensics
  • [soon] Experimenting with AI + detection

Changelog

I treat this site like a live lab. New tools, upgrades, and experiments will appear here over time — a public changelog for my cybersecurity journey.

Reach Out

Let’s talk

If you’d like to talk about cybersecurity, collaborate on a project, or discuss an opportunity, drop a message.

Email: ezhilan.404@gmail.com

GitHub: github.com/ezhilan404

LinkedIn: linkedin.com/in/ezhilan-t
