Β
Backend engineer building distributed systems, security tooling, and real-time infrastructure.
I reverse-engineer software to understand how things actually work β not how the docs claim they do.
Security is not a feature I bolt on. It is baked into the architecture from day one.
name : Vorsynth
handle : @alanhasn
focus : Backend Systems Β· Infrastructure Β· Security Engineering
approach : Security-first. Understand internals before abstractions.
current : Building SMBN β a distributed real-time backend platform
location : Remote β UTC+0..+3|
Django Β· DRF Β· FastAPI |
Docker Β· Linux Β· Git |
Static Analysis Β· Web Security |
Kotlin Β· Android Studio Β· Android SDK |
Β
π SecureTool β Python Security Library
pkg : securetool
registry : PyPI
lang : Python
type : Open-Source Security Library
purpose : Reusable security primitives for Python applications
scope : Encryption helpers, secure hashing, token generation,
input validation, and audit-friendly logging utilities
status : Published Β· Actively maintained
πΈ Vulnerability Scanner β Web Application
lang : Python Β· Django Β· JavaScript
type : Internal Security Platform
scope : Automated web vulnerability scanning with a structured
report interface. Covers OWASP Top 10 surface areas,
HTTP header inspection, and endpoint enumeration.
arch : Django backend Β· REST API Β· async scanning workers
status : Active development
β‘ XSScan β Production-Grade XSS Detection Tool
stack : Python Β· Requests Β· CLI Β· HTML Parsing Β· Payload Automation
type : Security Testing & Vulnerability Detection Tool
scope : Production-grade command-line utility for detecting
Cross-Site Scripting (XSS) vulnerabilities through
automated payload injection, response analysis,
parameter testing, and target validation workflows.
features : Reflected XSS detection Β· Automated scanning workflows Β· Security testing utilities
release : Published on PyPI
focus : Web Security Β· Automation Β· Offensive Security Tooling
status : Actively maintained and improved+ Backend systems engineering β Django, DRF, API architecture
+ Docker & Redis β containers, caching, real-time communication
+ Android development β Kotlin, Android Studio, application internals
+ Networking & security β traffic analysis, authentication flows, web security
~ Building security-focused and infrastructure-oriented projects
~ Learning through documentation, experimentation, and real-world systemsβββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β β
β 01 Security is architecture, not a feature you add later β
β 02 Read the source. The docs lie. The code does not. β
β 03 Understand the protocol before touching the library β
β 04 Break systems deliberately. Fix them with precision. β
β 05 Automate the repeatable. Think harder on the novel. β
β 06 Clean code is a forcing function for clear thinking β
β 07 Know the failure modes before the system ships β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
// commit trail
open to collaboration on:
[β] Backend API systems β Django, FastAPI, async architectures
[β] Security tooling β scanners, analyzers, audit libraries
[β] Infrastructure automation β Docker, CI/CD pipelines
[β] Monitoring & observability platforms
[β] Real-time communication backends β WebSocket, Socket.IO
[β] Developer utilities with real-world use cases
values:
clean architecture Β· readable code Β· technical transparency
security-aware design Β· meaningful documentation
