Skip to content
View mythic3011's full-sized avatar
🎯
Focusing
🎯
Focusing
23 followers · 100 following

Achievements

Achievement: StarstruckAchievement: Pair ExtraordinaireAchievement: Pull Sharkx2Achievement: QuickdrawAchievement: YOLO

Achievements

Achievement: StarstruckAchievement: Pair ExtraordinaireAchievement: Pull Sharkx2Achievement: QuickdrawAchievement: YOLO

Highlights

  • Pro

Block or report mythic3011

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
mythic3011/README.md

mythic3011

Full-stack engineer and Information Security student in Hong Kong.
I build things that work in production, not just in demos.

Projects

Security & Cryptography

  • Secure-Instant-Messenger — E2E encrypted messaging app. X25519/AES-256-GCM, Ed25519 identity keys, Argon2id + TOTP 2FA, replay protection, Textual TUI client. Security tests cover replay attacks and ciphertext tampering.

Full-Stack & Backend

  • job-Boards — Laravel job board with a production security stack: CrowdSec IDS, Prometheus, Grafana, Loki, HMAC auth service, Docker split-plane deployment.

Data & Automation

  • trustpilot-scraper — Modular TypeScript + Playwright extraction pipeline. 12 single-responsibility modules, property-based tests with fast-check.

Infrastructure & Open Source

  • rules — Maintained fork of Custom_OpenClash_Rules, optimised for Hong Kong: AI service routing, DNS leak prevention, IPv6 support, shell/Python build scripts.

Homelab

MacBook ──── OpenWrt router ──── VPS
                │                 │
           DNS enforcement    Portainer
           DoH upstream       CrowdSec
           OpenClash proxy    Prometheus
           Firewall rules     Grafana
                              Nginx reverse proxy

Everything containerised. Everything monitored.

CTF

Year Event Result
2025 PolyU × NuttyShell Cybersecurity CTF 🥇 1st place
2024 PolyU × NuttyShell Cybersecurity CTF 🥉 2nd runner-up
2023–24 HKCERT Cyber Security New Generation CTF Participant

There's a flag hidden somewhere in my repos.
ZmxhZ3tub3RfdGhpc19vbmV9 is not it.

Defaults

deterministic > magic
fail loudly, never silently
container-first, always
read before edit
authority before patch
no vendor lock-in
PDPO/GDPR by default

Currently

  • Breaking: homelab Tailscale routing after OpenWrt update
  • Building: AI agent workflow runtime for multi-repo development
  • Reading: whatever the next CTF challenge requires

Stack

Languages   TypeScript · Python · PHP · Bash/Zsh · SQL
Backend     Laravel · FastAPI · Node.js · React
Data        Playwright · Selenium · spaCy · NER
Infra       Docker · Nginx · OpenWrt · Tailscale · Cloudflare
Monitoring  Prometheus · Grafana · Loki · CrowdSec
Crypto      X25519 · AES-GCM · Ed25519 · Argon2id · TOTP

Background

  • 🏆 CTF Champion — PolyU × NuttyShell Cybersecurity CTF 2025
  • 🎓 Information Security degree, Hong Kong (in progress)
  • 💼 Previously: OSINT pipeline and NER engineering, mapping industry

Also: VRChat, avatar design, homelab tinkerer.

Contact via LinkedIn or commit history.

Pinned Loading

  1. job-Boards job-Boards Public

    A Laravel job board hardened as a blue-team security deployment project, with Docker split-plane deployment, Nginx perimeter controls, CrowdSec, observability, OWASP ZAP evidence, and reproducible …

    PHP

  2. FreshChain FreshChain Public

    A Java web application for fruit inventory, delivery, reservation, and reporting workflows, hardened as a production-grade deployment project with role-based access control, Docker deployment, obse…

    Java

  3. wailim0506/Warehouse-Management-and-Online-Ordering-Platform wailim0506/Warehouse-Management-and-Online-Ordering-Platform Public

    This is assignment of ITP4915M

    C#

  4. rules rules Public

    Forked from Aethersailor/Custom_OpenClash_Rules

    Hong Kong-optimized OpenClash ruleset with AI service routing, DNS leak prevention, and ready-to-use Clash templates.

    Python

  5. Secure-Instant-Messenger Secure-Instant-Messenger Public

    End-to-end encrypted instant messaging application. Demonstrates strong cryptographic practices, replay protection, and an honest-but-curious server model.

    Python