Organising my ignorance in an intelligent way.

Sandra Sullivan, PhD.

Hi! Welcome to my website where I host my home lab pet projects.

I am a PhD researcher with a borderline unhealthy cyber security addiction. Here is where I post details and tutorials about my most recent projects ranging from ethical hacking to threat hunting and threat intelligence. I’m also a budding CTF player and bug bounty hunter who really enjoys cryptography challenges. Recently, I am thrilled to have placed in the top 10 of the Capture the Talent Advent CTF, a competition that presented a formidable mix of cryptography, steganography, reverse engineering, web exploitation, and OSINT challenges. It was a challenging event, but I am pleased with my performance and proud of this accomplishment.

Prior to becoming a a cyber security geek I was biophysics researcher, and a data scientist, with over 7 years of experience in academic research. And, if you look closely, you can still find me crunching numbers for the investment sector, building fancy (and hopefully profitable!) machine learning/deep learning predictive models.

Projects

Current and past home lab projects.

  • Cybersecurity home lab projects
  • Data and Cryptography projects
  • Tutorials and programming projects
Learn more

Experience

Brief outline of my background.

  • What have I been up to?
  • Work and research experience
  • Education
Learn more

Certs

Certifications I’m working towards.

  • Cybersecurity related certifications
  • Skills
  • Badges
Learn more

PROJECTS

  • Finding Optimal Lag Between Financial Assets Time Series

    Finding Optimal Lag Between Financial Assets Time Series

    I have updated my GitHub with a new Jupyter notebook. This notebook analyzes the relationship between the price movements of Bitcoin (BTC=F) and Ether (ETH-USD) over time. Specifically, it aims to find the optimal “lag” or time delay between the two cryptocurrency prices that results in the highest correlation. It begins by importing the necessary…

  • Credit Card Fraud Detection with Random Forest

    Credit Card Fraud Detection with Random Forest

    Credit card fraud is a major problem in the financial industry. Fraudulent transactions can cause significant losses for both cardholders and financial institutions. However, detecting credit card fraud is a challenging problem, especially when the data is imbalanced. This means that the number of fraudulent transactions is much lower than the number of non-fraudulent transactions.…

  • Python Monte Carlo simulation – describing a cyber threat landscape

    Python Monte Carlo simulation – describing a cyber threat landscape

    Monte Carlo simulation is a powerful mathematical technique that can be used to model a wide range of systems, from financial markets to physical systems. At its core, Monte Carlo simulation is based on the idea of using random sampling to understand the underlying probability distributions of a system. The basic idea behind Monte Carlo…

  • Hacking Mr. Robot’s box part 4 – the final flag.

    Hacking Mr. Robot’s box part 4 – the final flag.

    On the part 3 we had shell access to the webserver. So might as well rummage a bit to see if we can find the third and final flag. And there’s nothing to be found in the directories we have access to as robot. Look, conveniently, we don’t have access to the root directory: I…

  • Hacking Mr. Robot’s box part 3 – the second flag.

    Hacking Mr. Robot’s box part 3 – the second flag.

    Here we are, attempting to find the second flag. On part 2, we found the robots file – ‘robots.txt’ which contained the first flag and a few other bits of information: ‘User-agent: *’ and fsocity.dic, whatever it all means. Our NMAP HTTP enumeration revealed a few other interesting tidbits: different pages of the website are…

  • Hacking Mr. Robot’s box part 2 – the first flag.

    Hacking Mr. Robot’s box part 2 – the first flag.

    This is part 2 of the hacking walkthrough. Now that we have both boxes living securely in the same isolated network, we can actually get to the hacking bit. At the end of part 1, the NMAP scan revealed three crucial details: Mr Robot box IP address is 10.150.1.11, Mr Robot box is actually a…

  • Hacking Mr. Robot’s box part 1 – setting up a secure environment.

    Hacking Mr. Robot’s box part 1 – setting up a secure environment.

    This post is part 1 of a beginner’s tutorial on hacking Mr Robot 1 CTF box from VulnHub. The box has three hidden flags of increased difficulty and is beginner to intermediate in complexity. In this first project, I will document every basic stage of progress, including downloading, installing, and configuring the virtual machines in…

EXPERIENCE

Senior Cyber Security Analyst

Hybrid | September, 2023 – present

Responsible for helping develop all aspects of cyber security including strategy, risk management, technical controls and compliance initiatives. Lead in security incident response.
Responsible for designing and implementing technical security controls for firewalls, endpoint protection SIEM, vulnerability scanning and management, etc.
Penetration tester for web apps and responsible for conducting vulnerability assessments.


Incident Response, Threat Hunting, and Forensics. Penetration Testing, Application Security, Vulnerability Management.

Accelleron, Application Security Service owner

Hybrid – UK and Switzerland | June, 2023 – September, 2023

Lead implementer of application security controls for software and applications, keen to embbed SAST and DAST into the SDLC. Responsible for web application pentesting and external attack surface assessment. Responsible for the continous evaluation of adequate security controls and appropriate policies, processes and regulatory compliance.


Penetration Testing, Application Security, Risk Management. SAST, DAST and SDLC.

CAPSLOCK, Trainee cyber security consultant

London | September, 2022 – January, 2023

Work experience bootcamp providing business oriented hands on expertise, and industry certifications, on the following areas:

Penetration Testing, Security Operations, Cloud Infrastructure, Networking
Fundamentals, Application Security, Operating Systems, Risk Management, ISO27001, Audits, and GRC.

Crypto Hedge Fund, Data Scientist

London | April, 2021 – ongoing

Freelance consulting deploying deep learning and statistical methods to execute technical and fundamental analysis applied the cryptocurrency markets. Machine learning analysis of on-chain metrics to produce actionable trading signals and crypto forecasting.

 Key skills: Python, Pandas, Matplotlib, Plotly, TensorFlow – Keras, Scikit-learn, NumPy, Big Data, Linux, Time series forecasting, LSTM, Neural Networks.

Imperial College London, Computational Biophysics doctoral researcher

London | October, 2016 – June, 2021

Cancer drug discovery research project targeting human c-MYC oncoprotein. Deployment of computational analytics including Molecular Dynamics simulations, protein modelling, structural Bioinformatics, deep learning, unsupervised algorithms, and statistical analysis to model, predict and describe protein conformation, undertake drug discovery and assay development. 

 Key skills: Molecular Dynamics simulation, Monte Carlo simulation, force field optimisation, Linux, Python, Pandas, Matplotlib, Plotly, NumPy, MATLAB, SPSS, R, machine learning for predictive uncertainty estimation and probability distribution statistics.

Imperial College London, Computational drug discovery researcher

London | September, 2016 – October, 2015

Computational drug discovery project directed at finding Gal11p KIX domain inhibitors using Molecular Dynamics, machine learning and high-throughput compound screening. 

 Key Skills: High-throughput drug screening deployed in Perl, Linux, Python, Pandas, Matplotlib, Plotly, NumPy, MATLAB, R, structural Bioinformatics and Big Data analytics.

Anglia Ruskin University, Bioinformatics researcher

Cambridge, UK | July, 2014 – May, 2015

Structural Bioinformatics research project mapping 200 types of pathological mutations to widely varying phenotypes. In silico mutagenesis analysis with statistical model building and validation. 

 Key Skills: SWISS-PROT, VMD, Uni-prot, BLAST, Chimera, R and SPSS, Big Data analytics, Bioinformatics.

EDUCATION

PhD in Computational Biophysics

Imperial College London, October, 2016 – June, 2021

PhD in Computational Biophysics with an emphasis on computer simulation and modelling, machine learning and deep learning algorithms, data science and statistical analysis. 

Masters Of Research In Cellular And Molecular Biosciences

Imperial College London, September, 2015 – September, 2016

A series of postgraduate projects dedicated to drug discovery research for various types of cancer. 

BSc In Biomedical Sciences

Anglia Ruskin University, September, 2012 – June, 2015

Bachelor of science degree in Biomedical Science with a focus on Bioinformatics and structural protein analysis. 

CERTIFICATIONS

(achieved and working towards)

Certified Cybersecurity Practitioner

Learn more

Nessus fundamentals

Learn more

Cloud Security Knowledge

Learn more

ISO 27001 certification

Learn more

CISMP certificate

Learn more

MBCS certificate

Learn more

Skills and badges

cat linux.txt

Learn more

Networking Nerd

Learn more

CTF competition

Learn more

CTF competition

Learn more
Main page

Got any suggestions? Want to hire me?

Get In Touch