Threat-informed.
Operator-built.
Kevin Landry — U.S. Coast Guard veteran, GMU graduate student in Digital Forensics, independent security practitioner. I build tools, break systems legally, and help organizations understand how they can be compromised.
CerberusMesh
Distributed Cowrie honeypot mesh with AI-assisted session analysis, MITRE ATT&CK enrichment, and real-time attacker engagement on AWS.
→ ran against real SSH brute-force and credential-stuffing sessions on live AWS infrastructure
PatriotPot
AWS-hosted hardened SSH honeypot designed to observe real-world post-compromise attacker behavior.
→ research paper included; findings adopted into GMU's DFOR curriculum
USCC Binary Exploits
Format string and ROP chain tooling from 2025 USCC Cyber Bowl. Blind FSB detection, stack canary brute-forcing, ret2libc chains on 64-bit ELF.
→ 2nd place finish, East division — tooling built and used during live competition
CVSS Calculator
Offline CVSS v3.1 scorer with optional GPT-assisted analysis and MITRE/CWE mapping. Runs fully air-gapped when needed.
→ used in consulting engagements for structured vulnerability reporting
Adversary Simulation
Goal-oriented attack simulations using real TTPs. Custom tooling, threat-intel integration, detection gap analysis.
Digital Forensics & IR
Memory forensics, malware reverse engineering, disk analysis, and IR playbook development. Backed by GMU DFOR coursework.
Detection Engineering
IOC tuning, SIEM query development, honeypot deployment, and deception architecture grounded in MITRE ATT&CK.
Cloud Security
AWS architecture review, IAM hardening, least-privilege enforcement, and CloudTrail-based audit logging design.