Skip to content
View omobolajiadeyan's full-sized avatar

Block or report omobolajiadeyan

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
omobolajiadeyan/README.md
Typing SVG

Omobolaji Adeyan

Practical security automation for developers, security teams, and evidence-driven reviews.

profile views marketplace OWASP

Website   LinkedIn   HackerOne   DEV.to   Email


GitHub Stats

GitHub Streak

Contribution Activity


What I Build

I build security tools that turn noisy technical signals into clear, reproducible findings. My work spans phishing detection, vulnerability triage, secure CI/CD, supply-chain hardening, and evidence auditable by maintainers, compliance teams, and security engineers.

The strongest theme across my public work: practical security automation - small, testable, well-documented tools that make risk easier to detect, explain, and act on.


Strongest Public Evidence

Evidence Status Link
PhishGuard AI reusable GitHub Action Published on GitHub Marketplace Marketplace
PhishGuard benchmark improvement Public-safe recall improved with documented regression evidence PR #52
PhishGuard Python API guide Stable import examples with executable documentation tests PR #53
PhishGuard adoption path Safe third-party workflow trial and showcase issue template PR #54
PhishGuard email-auth parser coverage SPF/DKIM/DMARC parser trust-boundary tests expanded PR #55
PhishGuard July maintenance CodeQL, article links, product attribution, and documentation cleanup merged PRs #60-64
Security tools as GitHub Actions Added SARIF 2.1.0 and reusable Action support to Secrets Scanner and Log Analyzer Log
BehaviorSense and VulnGPT maintenance Fixed Windows CLI output crashes and restored passing tests Log
Prowler Amplify secret detection Prototype for app and branch environment-variable secret scanning Issue #11817
Security tool portfolio verification CVE, log-analysis, secret-scanning, behavior, and vulnerability tools tested Log
OWASP Agent Security Regression Harness Merged upstream contribution PR #150
OWASP cve-lite-cli Merged upstream contribution PR #602
RamenDR ramenctl - GitHub Actions hardening Merged upstream contribution PR #466
Prowler cloud security platform Credited upstream contribution PR #11098
SecOps-NG Framework Merged compliance/security mapping PR #281
SPF, DKIM, and DMARC in Phishing Detection Published engineering article Article
OWASP Agent Security Batch Validation Published engineering article Article

Full contribution history: Open-Source Activity Log


Featured Project: PhishGuard AI

PhishGuard AI is an explainable offline phishing detection engine for URLs and email with zero external dependencies - safe for local analysis, CI workflows, and security education.

Stars Forks Last Commit Marketplace

Key capabilities:

  • URL, email, redirect, typosquatting, and authentication-signal analysis
  • Conservative SPF, DKIM, and DMARC scoring from trusted receiver headers
  • JSON and SARIF 2.1.0 output for automation and GitHub Code Scanning
  • Zero runtime dependencies
  • Stable Python API guide with importable examples covered by tests
  • Adoption guide for safe third-party workflow examples and public usage reports
  • Public benchmark fixtures, documented model limitations, and dated before/after regression evidence
  • Good-first issues and contribution guidance for new contributors

Use it in GitHub Actions:

# Drop into any GitHub Actions workflow:
- uses: omobolajiadeyan/phishguard-ai@v0.5.1

Selected Projects

Behavioral anomaly detection engine for user and IP risk scoring. UEBA-style patterns for insider-threat and account-risk scenarios.

Threat detection with MITRE ATT&CK mappings, JSON and SARIF output, and a reusable GitHub Action for security operations workflows.

CI-friendly credential and API key scanner with redacted JSON/SARIF output and a reusable GitHub Action for Code Scanning workflows.

CVE analysis with NVD data and AI-assisted remediation guidance.

Real-time CVE intelligence dashboard pulling live data from the NVD API, with filtering, severity scoring, and trend tracking.

A cloud-security contribution prototype that scans AWS Amplify app and branch environment variables for possible secrets without exposing secret values.

AppSec Compliance Bridge (private) - converts appsec scan findings into traceable NIST SP 800-53 control mappings and POA&M evidence.


Upstream Work Under Review

Project PR Description
Dependency-Track PR #6477 Runtime-backed OpenAPI Finding response schema
OpenSSF Scorecard PR #5098 Dangerous Workflow detection for committer-controlled Actions contexts
cisagov/ScubaGear PR #2237 DMARC policy discovery improvements for M365 baseline assessment

Writing


Technology

Tech Stack


Contact

Open to senior security engineering roles, appsec tooling collaboration, technical advisory, and community work around practical security automation.

     

Pinned Loading

  1. frenimi-checkers frenimi-checkers Public

    Secure cross-platform checkers with minimax AI, realtime multiplayer, SQLite ratings, PWA support, and automated security testing.

    HTML

  2. phishguard-ai phishguard-ai Public

    Explainable offline phishing detection for URLs and email. Zero dependencies. SARIF 2.1.0 output. Reusable GitHub Action.

    Python 5

  3. secrets-scanner secrets-scanner Public

    CI-friendly credential and API key scanner. Catches exposed secrets before they reach production.

    Python

  4. behaviorsense behaviorsense Public

    Behavioral anomaly detection engine for user and IP risk scoring. UEBA patterns for insider threat detection.

    Python

  5. cve-dashboard cve-dashboard Public

    Real-time CVE intelligence dashboard pulling live data from the NVD API.

    Python 1

  6. vulngpt vulngpt Public

    CVE analysis with NVD data and AI-assisted remediation guidance.

    Python