  • Sweden

LeightonSec/README.md

LeightonSec

Security engineering research and tooling — OT/ICS threat detection, AI security, and GRC compliance.

Focus Areas

OT/ICS & Threat Detection — network analysis, threat intelligence pipelines, and SOC tooling built for practical use. Detection engineering with adversarial test coverage and regression locks.

AI Security — detection of prompt injection, jailbreaks, and adversarial inputs against LLMs. Weighted scoring, evasion-resistant signatures, and false-positive tuning.

GRC & Compliance — NIS2 vendor risk frameworks, MFA audit tooling, and policy assessment aligned to EU and NCSC standards.

Post-Quantum Cryptography — sovereign communication protocols resistant to quantum attack.

Projects

| Repository | Description |
| --- | --- |
| ai-firewall | LLM prompt injection and jailbreak detection. Tiered weighted scoring, evasion-resistant signatures, adversarial test suite. 70 tests, CI green. |
| security-gate | Self-enforcing static analysis gate. 18 scanners, 165 tests, CI with real teeth. Caught and patched a live CVE (GHSA-6v7p-g79w-8964) in its own dependency graph. |
| security-toolkit | Modular web log analyser. SQLi detection hardened against string-boolean and comment-terminator evasion. 31-test adversarial suite with locked regression cases. |
| llm-honeypot | Fake AI assistant that silently logs and classifies attack attempts. Detects prompt injection, jailbreaks, data extraction, and reconnaissance. |
| password-policy-checker | Password policy evaluator against NIST SP 800-63B and NCSC guidance, with HaveIBeenPwned k-anonymity breach checking. |
| port-scanner | TCP connect port scanner with banner grabbing, CIDR support, and JSON/Markdown output. |
| nis2-vendor-risk-framework | NIS2-aligned third-party risk assessment framework with scoring rubric and worked example. |
| mfa-coverage-tracker | M365 MFA audit tool — identifies weak or missing MFA, generates HTML risk reports. |
| intel-pipeline | Automated threat intelligence collection and processing pipeline. |
| pcap-analyser | Network packet capture analysis and anomaly detection. |
| incident-tracker | SOC incident ticketing and case management system. |
| unified-dashboard | Single pane of glass across the security toolkit. |

About

Security engineer with a background in IT infrastructure and NHS deployment. CompTIA Security+ and Network+ certified, eAIS in progress.

Every project ships with a quality gate, adversarial test coverage, and documented design decisions. The gate enforces itself.

Targeting OT/ICS threat detection and AI security engineering roles.

bastionprotocol.org

Pinned

  1. ai-firewall (Public)

    AI-powered jailbreak detection system for LLMs — LeightonSec

    Python 1

  2. security-toolkit (Public)

    A growing collection of security scripts, tools and utilities built while learning cybersecurity

    Python 1

  3. llm-honeypot (Public)

    Fake AI assistant that silently logs and classifies attack attempts in real-time. Detects prompt injection, jailbreaks, data extraction, social engineering, and reconnaissance.

    Python

  4. mfa-coverage-tracker (Public)

    A lightweight, defence-first MFA audit tool for Microsoft 365 environments

    Python

  5. password-policy-checker (Public)

    Python CLI tool for evaluating passwords and organisational policies against NIST SP 800-63B and NCSC guidance — with HaveIBeenPwned k-anonymity breach checking.

    Python

  6. security-gate (Public)

    Static security gate for Python security and AI projects. Catches outbound leakage, supply chain risks, and model provenance issues before code ships.

    Python