D2D — P2P File Transfer
LiveInstant cross-device file sharing over WebRTC data channels with QR/code pairing. ECDH handshake into an AES-GCM encryption pipeline, Socket.IO relay fallback for NAT traversal.
- Next.js
- Socket.IO
- Redis
- Docker
Fullstack developer & security researcher
Cybersecurity student at Seattle University, after finishing Running Start with an Associate's degree. I build web apps and self-hosted infrastructure, and pentest on the side.
Shipped and in active use.
Instant cross-device file sharing over WebRTC data channels with QR/code pairing. ECDH handshake into an AES-GCM encryption pipeline, Socket.IO relay fallback for NAT traversal.
Daily task manager with a week view, recurring tasks, a Pomodoro focus timer, and a manually-built Google OAuth flow — no Passport.js, CSRF-protected with account linking.
Cycle tracking web + mobile app. Adaptive ovulation prediction with confidence indicators, partner mode, doctor-ready PDF reports, and a React Native companion app via Expo.
Open-source PyQt6 pentesting suite — full HTTP/HTTPS intercepting proxy, Repeater, Intruder, a findings tracker with CVSS scoring, and Obsidian-compatible Markdown export.
Self-hosted WireGuard VPN on Oracle Cloud, built entirely by hand — DNS-level ad blocking, port knocking, a live honeypot with GeoIP-enriched alerts, and a custom FastAPI dashboard tying it together.
Everything I'm building, including the infrastructure with no public front door.
| No. | Project | Category | Status | Stack | Link |
|---|---|---|---|---|---|
| 01 | TodoLander | Web app | Live | JS · Express · Postgres | Visit → |
| 02 | Floret | Web + mobile | Live | Express · Postgres · Expo | Visit → |
| 03 | D2D File Transfer | Web app | Live | Next.js · Socket.IO · Redis | Visit → |
| 04 | Fracture | Security tooling | Active | Python · PyQt6 | GitHub → |
| 05 | WTFlag | CLI tool | Complete | Node.js · SQLite | GitHub → |
| 06 | AMvpn | Infrastructure | Private | WireGuard · Oracle Cloud | Case study → |
| 07 | Home NAS | Infrastructure | Private | Self-hosted | Project log → |
| 08 | Somab | AI voice assistant | Prototyping | Python · Piper TTS | Project log → |
| 09 | PenTesting Practice Lab | Security lab | Private | Flask · Raspberry Pi | Project log → |
| 10 | Bumper the Band | Band website | Live | HTML · CSS · JS | Visit → |
I finished Running Start at Bellevue College with an Associate's degree and I'm now studying Cybersecurity at Seattle University. Outside of code, I spent four years on varsity wrestling as team captain, three in jazz band, and time working retail — none of which show up in a stack trace, but all of which taught me the same lesson: show up, do the unglamorous work, and don't skip steps.
On the security side, I'm working toward the ISC² CC credential and building out a personal pentesting lab — numbered, versioned vulnerable apps I build, break, and document like real engagements. That habit carries over into how I build: I'd rather find my own bugs than let a production user find them first.