Skip to content
View omobolajiadeyan's full-sized avatar
2 followers · 4 following

Achievements

Achievement: Pair ExtraordinaireAchievement: Pull Sharkx2Achievement: YOLO

Achievements

Achievement: Pair ExtraordinaireAchievement: Pull Sharkx2Achievement: YOLO

Block or report omobolajiadeyan

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
omobolajiadeyan/README.md

Hi, I'm Omobolaji Adeyan

Security Engineer | CISA | OWASP Contributor | Crest Hill, Illinois

LinkedIn | Email | PhishGuard AI on GitHub Marketplace

Evidence Snapshot

My public work focuses on practical security automation: tools that make risk easier to detect, explain, reproduce, and act on.

Current evidence signals:

  • Built and published PhishGuard AI, a reusable GitHub Marketplace Action for explainable offline phishing detection.
  • Contributed merged work to recognized security projects including OWASP, OWASP cve-lite-cli, Prowler, and SecOps-NG Framework.
  • Maintain public engineering records with tests, release notes, security boundaries, and dated contribution evidence.
  • Hold the CISA and CompTIA Security+ certifications, with a BS in Information Technology from Arizona State University.

See the full evidence record:

PhishGuard AI

Repository | Marketplace Action

I built PhishGuard AI, an explainable offline phishing detection engine for URLs and email, published as a reusable GitHub Action.

PhishGuard AI runs with zero runtime dependencies, outputs JSON and SARIF 2.1.0, and integrates with GitHub Code Scanning. It treats email authentication signals such as SPF, DKIM, and DMARC as supporting evidence rather than binary proof, including regression coverage for legitimate forwarding failures.

Key capabilities:

  • URL, email, redirect, typosquatting, and authentication-signal analysis
  • Conservative SPF, DKIM, and DMARC scoring from trusted receiver headers
  • SARIF output for GitHub Code Scanning integration
  • Public benchmark fixtures and documented model limitations
  • Good-first issues and contribution documentation for new contributors

Try it in a workflow:

- uses: omobolajiadeyan/phishguard-ai@v0.5.1

Selected Projects

PhishGuard AI

Explainable offline phishing detection for URLs and email. Zero runtime dependencies, SARIF 2.1.0 output, GitHub Code Scanning integration, benchmark fixtures, and documented model limitations.

FreNiMi Checkers

Repository | Live Demo

Secure cross-platform checkers with minimax AI, real-time multiplayer, SQLite ratings, WebSocket notifications, and PWA support. Security work includes hashed session tokens, explicit session revocation, active-match logout protection, bounded WebSocket payloads, strict CORS, and multiplayer regression tests.

AppSec Compliance Bridge

Private pre-launch project for converting application-security scan findings into traceable draft NIST SP 800-53 control mappings and POA&M evidence. The project is currently private while parser security, architecture, licensing, and delivery plans are finalized.

BehaviorSense

Repository

Behavioral anomaly detection engine for user and IP risk scoring, including UEBA patterns for insider-threat detection and MITRE ATT&CK-style mapping.

Open-Source Contributions

Selected merged work and active reviewed PRs:

  • OWASP Agent Security Regression Harness: PR #150 merged recursive scenario validation for directories and globs with green CI.
  • Prowler: PR #11098 includes Microsoft Entra directory-sync object-takeover work credited as co-author.
  • OWASP cve-lite-cli: PR #602 merged risk and next-action guidance for HTML vulnerability reports.
  • SecOps-NG Framework: PR #281 merged CRA Article 13(8) support-period mapping with cited sources.
  • Dependency-Track: PR #6477 proposes a runtime-backed OpenAPI Finding response schema. Maintainer feedback has been addressed; DCO, Codacy, and Snyk checks pass.
  • RamenDR ramenctl: PR #466 pins GitHub Actions to commit SHAs, disables persisted checkout credentials, and documents tag-to-SHA verification for supply-chain hardening.
  • OpenSSF Scorecard: PR #5098 proposes extending Dangerous Workflow detection to committer-controlled GitHub Actions contexts.
  • CISA ScubaGear: PR #2237 proposes a DMARC policy discovery tree-walk fix for Microsoft 365 baseline assessment logic.

For the full dated record, see OPEN_SOURCE_LOG.md.

Writing

GitHub Activity

GitHub Stats

Technology

Python | JavaScript | TypeScript | Node.js | React | FastAPI | PHP | SQLite | PostgreSQL | Docker | GitHub Actions | SARIF | CodeQL | MITRE ATT&CK | NIST SP 800-53 | vulnerability management | cloud security tooling

Contact

I am open to senior security engineering roles, application-security tooling collaboration, technical advisory conversations, and community work around practical security automation.

Popular repositories Loading

  1. omobolajiadeyan omobolajiadeyan Public

    Professional cybersecurity engineering profile and portfolio

  2. phishguard-ai phishguard-ai Public

    Explainable offline phishing detection for URLs and email. Zero dependencies. SARIF 2.1.0 output. Reusable GitHub Action.

    Python 5

  3. vulngpt vulngpt Public

    CVE analysis with NVD data and AI-assisted remediation guidance.

    Python

  4. behaviorsense behaviorsense Public

    Behavioral anomaly detection engine for user and IP risk scoring. UEBA patterns for insider threat detection.

    Python

  5. log-analyzer log-analyzer Public

    Threat detection with MITRE ATT&CK mappings for log analysis and security operations.

    Python

  6. cve-dashboard cve-dashboard Public

    Real-time CVE intelligence dashboard pulling live data from the NVD API.

    Python 1