Cookie Engineer's Avatar
Hello, I'm Cookie Engineer,
probably a Mad Engineer with AI, NetSec, WebSec, and OSINT experience.

BTW my web log's over at /weblog
My CV's over at /cv

Socialize Me.

[GitHub](https://github.com/cookiengineer)
[GitLab](https://gitlab.com/cookiengineer)
[LinkedIn](https://www.linkedin.com/in/cookiengineer)



Hello, fr1end.

I am Cookie Engineer (also known as 🍪🔧), and I'd like to welcome you to my website. This website mostly contains a curated list of my work and stuff I've built over the years.

My background has always been Network Security, Web Technologies, Open Source, Artificial Intelligence (not only Machine Learning), and the creation of automated self-adapting systems of all types. I solve problems by teaching machines how to solve it and I'm good at creating the Software Architecture behind it to make it possible.

I also create a lot of personal tools to automate my workflows. A huge part of my written software is Open Source, except the ones that are under NDA or were classified by my customers and contract partners (obviously). But I do believe in Open Source, just as I believe in the Robot Overlords.

Wanna pwn my machines? Take a look at my [dotfiles](https://github.com/cookiengineer/dotfiles) and my [dotvim](https://github.com/cookiengineer/dotvim) repositories.

There's also a little hacking challenge hidden in this website. It's Open Source on [GitHub](https://github.com/cookiengineer/cookie.engineer) and [GitLab](https://gitlab.com/cookiengineer/cookie.engineer), too, in case you want to know how things work.

Enjoy your stay.



Cyber Defense/Security Work

My personal offered services include being an AI Engineer, Cyber/Web Analyst or IT-Security Consultant due to my specialization in Cyber Defense, Cyber Intelligence and the autonomous code generation parts behind networked simulation environments.

Whenever I have enough time to spare I'm trying to automate the autonomous Cyber Defense Network that is called the [Tholian Network](https://tholian.network) and aims to fully automate Security Audits, Incident Response and Penetration Testing.

If you have interesting problems that need more efficient solutions, don't hesitate to [contact me](https://cookie.engineer/#/contact).



Skills.


### Network Security


95% - 15 years

I have a specialization in the knowledge of network protocols, their implementations and specification quirks that could lead to potential attack vectors.

This includes strong knowledge in network protocols such as TCP, UDP, MQTT, ICMP, SNMP, SOCKS, TLS and all protocols related to the Web such as HTTP/S, SPDY, QUIC, DNS, DNS over HTTPS, DNS over TLS, DNS-based Service Discovery, WebRTC and WS13.

Most of my open source software is peer-to-peer, meaning they use NAT traversal and NAT breaking techniques to find other local and global peers. Those techniques are similar to how malware often works, as most of them use DNS Exfiltration, Multicast and Relaying, and even PWNAT- or ICMP-spoofed attacks to contact their CNCs once they successfully infiltrated a device.


### Network Forensics


75% - 10 years

My previous employments included building up Blueteams in the Cyber Defense space, wherein AI-based IDSes were being built, trained, and used in order to gain a strategical advantage on the Blueteam side.

My experience helped me to create a deep understanding of how to build trainable automated network security systems that can learn from traffic fingerprinting and the behaviour of networked nodes and their communications.

My work with co-evolutionary systems like backpropagated ES/HyperNEAT gives me the knowledge to create virtual simulations and pentesting scenarios that can be easily replicated and adapt to new infiltration targets.

Additionally those virtual environments usually are multi-agent simulations of vast network topologies and reuse existing PCAP files or streams from previous attack scenarios to train the CPPNs more efficiently.


### Cyber Intelligence


100% - 20 years

Over the past years many of my projects were indirectly trying to automate the OSINT methodologies that still need human interaction to acquire information online, such as the [Research](https://cookie.engineer//projects.html#/open-source-research) and [Tholian Stealth](https://cookie.engineer//projects.html#/open-source-stealth) projects.

My unique perspective with the usage of co-evolutionary AI systems allows me to build self-automating and self-adapting systems that help to exceed the frontiers of what you can do with the Knowledge on the Web.