Hi, I'm

Omar Tsai

I research security, build AI systems, and wrangle data — sometimes all in the same week. I write about what I learn and ship side projects when the mood strikes.

Read the blog Get in touch

What I work on

🔐

Cybersecurity

Vulnerability research, pen testing, and building tools that find what attackers find first.

🤖

AI & Machine Learning

Designing, training, and evaluating models — from classical ML to LLM-powered systems.

📊

Data Science

Turning raw data into insight. Statistical analysis, visualisation, and reproducible research.

⚙️

Data Engineering

Pipelines, warehouses, and the infrastructure that keeps data clean and flowing.

🔌

Hardware

Embedded systems, low-level programming, and the occasional soldering iron.

Recent posts

All posts →
How I vibe code

 ·  workflow

How I vibe code

Now that working with AI is a must, here's what I've learned so far.
Updating wazuh manager password in kubernetes

 ·  kubernetes, devops

Updating wazuh manager password in kubernetes

Updating wazuh manager password in kubernetes
Back to My Old Blogger Roots

 ·  meta

Back to My Old Blogger Roots

Moving back to Blogger for casual writing, for now.

Featured projects

All projects →
GraphQLer screenshot

GraphQLer

The only dependency-aware GraphQL API security testing tool. Automatically generates valid queries and mutations, resolves object dependencies, and detects vulnerabilities including IDOR.

PythonGraphQLSecurityDocker
GitHub ↗
Safe Browsing screenshot

Safe Browsing

A Chrome extension that scans every website you visit in real time and gives you an instant risk verdict — Safe, Suspicious, or Malicious — with phishing detection, typosquatting checks, and optional self-hosted server support.

Chrome ExtensionJavaScriptSecurityZTA
Live ↗ GitHub ↗

Research

See more →

Active research areas across API security, LLM-assisted testing, embedded security, and data-driven threat intelligence. Always open to comparing notes.