Application Security Engineer @ Checkmarx.
I design and build distributed backend systems, with an emphasis on resilience, observability and maintainability — and I apply offensive security thinking to improve software safety.
Outside of work I operate a self-hosted home lab as a playground for systems design, service orchestration, and security experimentation.
- Backend architecture & distributed systems
- Application Security & secure SDLC
- Vulnerability research, exploit analysis
- Reverse engineering
- Self-hosted infra / home-lab
- AR mobile monster capturing game (Invizimals-inspired)
- Go-based media player
- Wii Sports memory analysis + code injection mod
- PSP 2D video game using pspdev
Languages
Go, Python, JavaScript/TypeScript, Java, Kotlin, C#, SQL/R
Frameworks / Libraries / Protocols
Express, Gin, Flask, Django, Spring Boot, ASP.NET, React, gRPC, WebSockets
Databases
MongoDB, PostgreSQL, MySQL, DynamoDB, Redis, SQLite, Elasticsearch
Infrastructure, Networking & Observability
Docker, Nginx, Traefik, GitHub Actions, Jenkins, Linux, Proxmox, Prometheus, Grafana, Bash/PowerShell, Tailscale (WireGuard)
Security
AppSec, DevSecOps, SAST/DAST/SCA, Secure Coding, Pentesting (Burp, ZAP, Nmap, Metasploit)
- INE eJPT (2025)
- AWS Cloud DevOps (2023)
| Project | Description |
|---|---|
| GuedesCrypt | AES implementation to learn crypto internals — Try it |
| GuedesMoney | Automation for Portugal’s Finanças portal — PyPI |
| TicTacGuedes | Reaction/wordplay game — Play |
| FafenseAdventure | 2D platformer (Unity) — Play |
| GuedesSueca | Online Sueca (WebSockets) — Play |
| GuedesDB | Lightweight JSON DB for Node.js — NPM |
I operate a production-grade homelab as a personal R&D sandbox.
— Architecture, threat model, components
— Uptime