Benedict's Notebook
I write about vulnerability research, systems architecture, and the craft of building software that lasts. This is my digital notebook — long-form writings and short daily logs from the terminal.
SentinelMesh: An Autonomous Infrastructure Surveillance & Incident Response Fabric
An event-driven autonomous infrastructure monitoring platform ingesting telemetry streams through Spring Boot microservices, detecting anomalies with unsupervised Isolation Forest ML, correlating events into security incidents across a 60-second sliding window, and executing simulated mitigation workflows — all orchestrated over Apache Kafka with gRPC inter-service communication and real-time SSE dashboard streaming.
QuantFlow: Building an Institutional-Grade Algo Trading System for Indian Markets
An institutional-grade algorithmic trading system for the Indian equity markets — 15+ technical indicators, multi-timeframe confluence, Kelly Criterion risk management, and a 64% win rate on RELIANCE backtested over 15 days of live NSE data.
The Silent Invigilator: Real-Time Multi-Modal Exam Surveillance via Deep Geometric Inference and Spatiotemporal Anomaly Accumulation
A production-grade autonomous invigilation system fusing 3D geometric deep learning — MediaPipe Face Mesh, Perspective-n-Point head pose, iris-vector gaze tracking, and YOLOv8-based prohibited object detection — into a unified spatiotemporal risk accumulation engine operating across web, desktop, and mobile surfaces.
Predicting the Bureaucratic Black Box: Visa Processing Times with Machine Learning
A full-stack machine learning system that predicts visa application processing times from 25,480 historical records — Random Forest regression with a React frontend, Flask API on Vercel, and a live demo serving real-time predictions with confidence scoring.
AGSA Velour dynact:// Intent Injection — Exported Gateway Routing & Inner Intent URI Injection via data Parameter
A systematic security analysis of AGSA's intent routing matrix combining static DEX bytecode analysis with ADB-based dynamic testing — uncovering a Velour inner-intent injection primitive that allows attacker-controlled URIs to be stamped onto internal dispatch intents through the exported GoogleAppGatewayActivity.
The TestingTools That Never Left: Exported Debug BroadcastReceiver in Google Family Link
A production APK containing an exported, permission-less debug BroadcastReceiver from the GNP SDK's internal.debug namespace — 10 actions (3 hidden) providing read, write, delete, and sync access to GrowthKit state, gated only by a server-configurable Phenotype flag.
Project Apotheosis: The Singularity Report
A comprehensive analysis of recursive self-improvement, physical substrate bandwidth limits, the Orthogonality Thesis, computational irreducibility, and how the emergence of synthetic superintelligence represents a cosmic phase transition — complete with predictive models, simulations, and interactive timelines.
Timeline: The Intelligence Explosion (2025-2027)
A quarter-by-quarter projection of the path to AGI and recursive self-improvement — from the agentic shift through the data wall collapse, the energy crisis, weak AGI, and the singularity horizon. Each projection is grounded in current scaling trends, compute growth rates, and historical acceleration patterns.
Global Proxy Authenticator Credential Bleed Across Proxy Boundaries: A Deep Dive into Bazel's JVM Credential Leak
A JVM-global Authenticator in Bazel's ProxyHelper silently caches proxy credentials on first use and reuses them for ALL proxy endpoints in the same process — regardless of host, port, or realm. Demonstrated with a Proof of Concept, code-level analysis, and six real-world attack vectors that do not require TLS certificate installation.