I'm a Software Engineering student with a strong focus on Linux, Cloud & Security Engineering.
I build hands-on security tools and labs to understand how systems are hardened, misconfigured, attacked, and defended in real-world scenarios.
- Linux server hardening
- SSH security & key-based authentication
- Firewall & network access control
- Brute-force attack detection & prevention
- Log analysis & incident investigation
- Cloud security misconfiguration analysis (AWS)
📌 Cloud Security Labs
👉 https://github.com/koray-yolcu-sec/cloud-security-labs
Completed labs include:
- Linux user & permission management
- SSH hardening & secure access control
- Firewall configuration (iptables, default-deny)
- Brute-force defense with Fail2Ban
- SSH log analysis & attack detection
🔹 AWS Security Scout
Terminal-based AWS Cloud Security Scanner (CSPM) that detects common misconfigurations and security risks across AWS services.
👉 https://github.com/koray-yolcu-sec/aws-security-scout
Focus areas:
- IAM, S3, EC2, CloudTrail, KMS, Secrets Manager
- Risk scoring & prioritized findings
- DevSecOps & audit-friendly design
🔹 AltaySec Cloud Security Scanner
A read-only AWS cloud security scanner that identifies misconfigurations and security risks.
👉 https://github.com/koray-yolcu-sec/altay_cloud_scanner
Focus areas:
- Executive summary
- Risk scoring
- Multi-region support
- JSON / Terminal reporting
🔹 Web-Scan
A passive web security scanning tool that operates within legal and ethical boundaries.
👉 https://github.com/koray-yolcu-sec/web-scan
Focus areas:
- OWASP-aligned passive checks
- Web security headers & misconfigurations
- CLI-based, lightweight security analysis
Seeking Security / Cloud / SOC Intern roles where I can apply defensive security skills, work with real systems, and continue learning in production-like environments.
📫 Contact