https://github.com/core-euler/okoloboga

Config files for my GitHub profile.
https://github.com/core-euler/okoloboga

config github-config

Last synced: 26 days ago
JSON representation

Config files for my GitHub profile.

• Host: GitHub
• URL: https://github.com/core-euler/okoloboga
• Owner: core-euler
• Created: 2024-04-22T16:17:14.000Z (about 2 years ago)
• Default Branch: main
• Last Pushed: 2026-01-10T08:58:13.000Z (5 months ago)
• Last Synced: 2026-02-28T18:54:06.587Z (4 months ago)
• Topics: config, github-config
• Homepage: https://github.com/okoloboga
• Size: 6.84 KB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# 👋 Hi, I'm Nikolai — Connected Systems Developer & Security Researcher

Building IoT products end-to-end and finding where they break before attackers do.

---

## 🔌 What I Do

I design, build, and audit **connected systems** — the full stack from microcontroller firmware to cloud backend to mobile app. My edge is understanding the entire system at once: how it's assembled, how it communicates, and where it's vulnerable.

Three things I do well:

**Build** — ESP32 firmware, FastAPI backends, Flutter apps, MQTT infrastructure. Full-cycle IoT product development from schematic to production.

**Connect** — Cloud integrations, Home Assistant, Node-RED automation, AI layers where they genuinely add value (not as a buzzword).

**Secure** — Firmware analysis, IoT infrastructure pentesting, AI security audits. I find vulnerabilities before someone else does.

---

## 🏆 Commercial Work

### 🌿 Lephrone H01 — Smart Aroma Diffuser (US Client)

IoT product built from scratch: ESP32-S3 firmware, Flutter mobile app, cloud backend with OTA updates. Full technical documentation including threat modeling and security architecture.

`ESP32-S3` `ESP-IDF` `FreeRTOS` `Flutter` `FastAPI` `MQTT` `AWS IoT`

### 🔐 Backend Pentest Reports (×2 commercial projects)

Full-cycle security assessments for real production systems. 10+ documents of structured findings — vulnerabilities, severity ratings, remediation plans. Critical API and infrastructure issues identified and closed before exploitation.

`Burp Suite` `nmap` `Wireshark` `OWASP` `REST API security`

### 🧠 Enterprise RAG System (Logistics)

Knowledge base bot for auto repair shop: vector search over 1C database and unstructured docs. 3x faster issue resolution for technicians.

`Python` `ChromaDB` `LangChain` `FastAPI` `Telegram Bot API`

---

## 🛠 Tech Stack

**Embedded & Hardware**

ESP32 · ESP-IDF · FreeRTOS · MicroPython · KiCad · Ghidra

**Backend & Infrastructure**

Python · FastAPI · MQTT (Mosquitto) · Docker · PostgreSQL · Redis · Ubuntu Server

**Mobile**

Flutter · Dart

**Security**

Burp Suite · Wireshark · nmap · Ghidra · Firmware analysis · OWASP IoT Top 10 · Prompt injection · AI red-teaming

**Automation & Monitoring**

Home Assistant · Node-RED · InfluxDB · Grafana · Tuya IoT

**AI & LLM**

OpenAI · Claude · LangChain · RAG · Vector search · LLM-accelerated development

---

## 💡 My Methodology

I use LLMs as acceleration — not as replacement for thinking. For firmware, security research, and system architecture, there's no shortcut: the work requires genuine reasoning. LLMs handle the scaffolding; I handle the decisions that matter.

This is why I moved into IoT security specifically: it's one of the few domains where you can't fake competence. Either the system holds or it doesn't.

---

## 📝 Writing & Research

I publish on connected systems, security, and the technology transition we're living through:

- **Habr** — Technical deep-dives in Russian (photo archive classification system, LLM-driven development methodology, IoT architecture)

- **CyberCore (Telegram)** — `@CoreEuler` — Philosophical and technical takes on how the world is becoming computational

I believe the gap between people who understand connected systems and people who live inside them is the defining security vulnerability of this decade. I write to close that gap.

---

## 📊 By the Numbers

- 🔌 1 commercial IoT product shipped (US client, full cycle)

- 🔐 2 commercial pentest engagements with full documentation

- 📄 10+ security assessment documents written

- ⚡ LLM-accelerated development: prototypes in days, not weeks

- 💼 Average project value: $800–3000

---

## 🎯 Current Focus

Building expertise at the intersection of:

- **IoT Security** — firmware analysis, protocol security, infrastructure hardening

- **AI Security** — LLM integration audits, prompt injection, red-teaming AI-powered products

- **Connected Systems Architecture** — designing systems that are both functional and defensible from day one

---

## 🤝 Open to

- IoT product development (firmware → backend → app)

- Security audits of connected systems and IoT infrastructure

- AI integration security reviews

- Technical writing and research collaboration

---

## 🌱 Background

Self-taught developer. Former logistics analyst. Built my own LLM-accelerated development methodology before "vibe coding" became a term — documented it on GitHub and Habr. Transitioned from AI/automation freelancing into connected systems and security because that's where the work still requires thinking.

Based in Russia. Working with global clients.

**Philosophy:** The world is accelerating faster than people can adapt. The gap between those who understand connected systems and those who don't is growing — and that gap is dangerous. I build things that work, find where they break, and write about what I learn.