petstuk/README.md

Peter Stollery

I'm a cybersecurity professional focused on detection engineering, threat intelligence, and security tooling. I build tools that enhance security visibility, automate threat detection, and help analysts work faster and smarter.

  • 🔭 Currently building THMP — an open-source Threat Hypothesis Management Platform
  • 🌱 Exploring applied ML for cybersecurity: anomaly detection, behavioural analysis, and deep learning for threat hunting
  • 💬 Ask me about detection engineering, OSINT, or KQL
  • 🌐 peterstollery.co.uk

🛠️ Tech Stack

Python · TypeScript · KQL · YARA · Sigma · TensorFlow · scikit-learn · Jupyter · Docker · FastAPI · VS Code


🚀 Featured Project

THMP: an open-source, self-hostable web application for SOC analysts and threat intelligence teams to manage the full lifecycle of threat hypotheses — from intel ingestion through collaborative hunting, evidence collection, MITRE ATT&CK mapping, and reporting.

Stack: Python 3.12 · FastAPI · PostgreSQL · Redis · OpenSearch · MinIO · Docker Compose · TypeScript SPA
Highlights: Microservices architecture · Connector SDK (thmp-cdk) · OIDC auth · ATT&CK Navigator integration · PDF/STIX reporting · pluggable SIEM/TI integrations


🔧 Projects

🔍 Detection & Threat Intelligence

  • SigmaEye
    A Windows process monitoring toolkit integrating ETW and user-level monitoring with Sigma rules. Detects suspicious process behaviour, LOLBins usage, and real-time threats.

  • Detections
    A detection engineering practice space with rules across 14 categories — written primarily in Sigma and optionally translated to platform-specific query languages.

  • DragonForce Ransomware YARA
    YARA rules for identifying DragonForce ransomware samples, generated using yarGen from known malicious executables on MalwareBazaar. Includes raw and cleaned rulesets plus sample hashes.

🛡️ Security Tooling

  • CVE-Search-Tool
    A Python tool that fetches and displays CVEs for assets using the NVD API — shows CVSS scores, severity ratings, and vector strings for efficient vulnerability management.

  • OSINT Extension
    Browser extensions that let security professionals quickly pivot on indicators of compromise (IOCs) across popular OSINT platforms.

  • KQL Assistant
    A VS Code extension providing Kusto Query Language (KQL) syntax checking, highlighting, and language support.

⚙️ Automation

  • GitHub Repo Monitor
    A Python script that monitors GitHub repositories and sends email notifications for new commits, with configurable intervals and multi-repo support.

📚 Learning & Research

A hands-on, 5-part blog series covering the full applied ML workflow for security practitioners — from data ingestion and feature engineering through to deep learning and capstone projects (2/5 parts complete on my website).



🌐 Connect

LinkedIn · Website

Pinned

  1. thmp (Public)
     Open-source, self-hostable platform for SOC and threat intel teams to manage threat hypotheses—from ingestion and hunting to MITRE ATT&CK mapping and reporting.
     Language: HTML

  2. applied_ml_for_cyber (Public)
     Hands-on repository demonstrating the full workflow of applied machine learning for cybersecurity. Includes data ingestion, cleaning, feature engineering, unsupervised and supervised modeling, deep…
     Language: Jupyter Notebook

  3. SigmaEye (Public)
     SigmaEye is a Windows process monitoring toolkit that integrates ETW and user-level monitoring with Sigma rules. It detects suspicious process behavior, LOLBins usage, and potential threats in real…
     Language: Python

  4. detections (Public)
     This repository is used to build multiple detections across 14 different categories. It is a detection engineering practice space, with rules written primarily in Sigma and optionally translated fo…

  5. OSINTExtension (Public)
     OSINT Extension for SOC Intelligence
     Language: HTML · 4 stars · 1 fork

  6. kql-assistant (Public)
     VS Code extension for KQL syntax checking and language support
     Language: TypeScript · 2 stars