Skip to content
View forgehk's full-sized avatar

Block or report forgehk

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
forgehk/README.md

@forgehk

Engineer · Security · Systems · Building DarkForge AI

Site Email

I build security tooling, systems software, and AI-accelerated full-stack apps. Every repo below is mine, public, has working code, and ships with tests. No tutorials, no forks.

Pinned work

Security & DevSecOps

  • honeytoken-sentinel — Self-hosted Thinkst-Canary-style tripwire. Mints decoy AWS/GitHub/Stripe credentials and canary URLs; alerts the second one is touched. Stdlib-only HTTP listener, atomic JSON registry, Slack webhook. 19/19 tests. python
  • darkforge-edr — Lightweight endpoint detection agent. YAML rule engine over process, file, and network telemetry, with a SQLite alert store and a Next.js console (see below). go sqlite
  • pipeline-armor — Drop-in DevSecOps gate for GitHub Actions: SAST + SCA + secrets scanner + container scan. Ships with a deliberately vulnerable demo app the gate catches. 12/12 tests. python actions semgrep trivy
  • darkforge-edr-dashboard — Next.js 14 + Tailwind console that consumes the EDR feed. Filterable alert grid, severity timeline, host drill-down. nextjs tailwind

Systems & Compilers

  • tiny-compiler — A Pascal-style language that actually compiles to MIPS-32 assembly. Full lexer → parser → AST → codegen pipeline in ~700 lines. 25/25 tests. Pairs with mips-emulator. python compiler
  • mips-emulator — MIPS-32 instruction-set emulator in C++17. Decodes R/I/J-type, executes a useful subset of arithmetic / branch / memory / syscall ops. 16/16 tests. cpp systems

The rest

Area Repos
Offensive / red team ctf-toolkit · steg-toolkit · phish-forge
Defensive AppSec secret-rotator · dns-doctor · nextjs-auth-armor
Meta / orchestration darkforge-cli — runs the whole security suite through one grade-A-to-F CLI
CS depth bigint-cpp · polyglot-sort-grand-prix · prolog-ufo-puzzle
Frontend / viz algoviz (Three.js 3D sort visualizer) · pixel-forge · lead-foundry

How I work

Languages   Python · Go · C++ · TypeScript · SQL · Bash · Prolog · MIPS asm
Backend     FastAPI · Node · Supabase · SQLite · REST · subprocess orchestration
Frontend    Next.js · React · Tailwind · Three.js
Security    SAST (Semgrep) · SCA (Trivy) · secrets (gitleaks) · DNS/SPF/DKIM/DMARC ·
            TLS · YAML rule engines · canary tokens · STRIDE threat modeling
Tooling     pytest · Go test · CMake · GitHub Actions · Docker

Currently shipping in public

Compilers, distributed systems, and a small language model of my own. Repos drop here when they're test-passing — not before.

📬 info@darkforgeai.com · 🌐 forgehk.github.io

Pinned Loading

  1. ctf-toolkit ctf-toolkit Public

    Swiss-army CLI for CTF challenges: ciphers, encoders, hash ID, frequency analysis. Zero external deps.

    Python

  2. darkforge-edr darkforge-edr Public

    Lightweight endpoint detection agent in Go. Process telemetry, YAML rule engine with name/cmdline/regex matching, JSON-lines alerts.

    Go

  3. phish-forge phish-forge Public

    Phishing email analyzer with header forensics, URL scoring, and body heuristics. CLI + FastAPI service.

    Python

  4. pipeline-armor pipeline-armor Public

    Drop-in DevSecOps gate for GitHub Actions: secrets scanner, AST-based pattern scanner, YAML policy engine, vulnerable demo app.

    Python

  5. mips-emulator mips-emulator Public

    A small MIPS-32 instruction emulator in modern C++. Assembler + CPU + memory. Runs textbook MIPS programs end-to-end.

    C++

  6. nextjs-auth-armor nextjs-auth-armor Public

    Next.js 14 starter with Supabase auth, Row-Level Security, honeypot-protected forms, and security-header middleware.

    TypeScript