MF Meidie Fei
Security analyst portfolio

Security projects recruiters can open, test, and review.

I am Meidie Fei, an RMIT Master of Cyber Security student and MDP Studio co-founder. This page focuses on deployed work and public repositories: payment-scam protection, phishing analysis, Windows endpoint triage, secure software, cryptography, cloud deployment, and CI/CD automation.

View work Email
payshield.mdpstudio.com.au Live screenshot of PayShield payment scam firewall dashboard ctool.mdpstudio.com.au Live screenshot of CryptoToolkit cryptography modules
8public security projects
103SecureVote tests
10RMM tool families covered
3.3RMIT program GPA

Case studies

Projects chosen for security evidence, not volume.

The strongest recruiter signals now lead with payment-scam decisioning, detection engineering, endpoint triage, secure software, and cryptography. Use the filters to scan by role relevance.

Live screenshot of PayShield payment scam firewall dashboard
Live demoPayment risk

PayShield

Payment-scam firewall for invoice-heavy teams, returning SAFE, VERIFY, or do-not-pay-until-verified decisions with evidence.

 SecureVote election management dashboard
103 testsSecure software

SecureVote

Anonymous voting, encrypted PII, audit integrity, WAF rules, and concurrency checks.

 Live screenshot of CryptoToolkit cryptography modules
36 modulesCrypto attacks

CryptoToolkit

Real attack labs for nonce reuse, padding oracles, RSA, hash extension, DH, and GCM.
Live screenshot of PayShield payment scam dashboard
BEC defenseMCP toolSaaS

PayShield

Payment-scam firewall for invoice fraud, supplier impersonation, and BEC-style payment redirection.

  • Maps email evidence to payment actions: SAFE, VERIFY, or DO_NOT_PAY_UNTIL_VERIFIED.
  • Uses real payment-email evidence with plan-gated checks and safety boundaries around mailbox access, API use, and payment release.
  • Exposes a CLI and MCP tool so an accounts-payable agent can request a grounded payment decision before release.
About this project

PayShield is an early product prototype for payment-scam protection. Built by Meidie Fei, it turns payment-related email evidence into a business decision a finance team or accounts-payable agent can act on before money moves.

3payment decisions
MCPagent boundary
Live demo GitHub
Live screenshot of PhishAnalyze phishing detector
DetectionFastAPIMITRE

PhishAnalyze

Email-risk analysis platform designed around evidence collection, explainable verdicts, and analyst workflow.

  • Analyzes SPF, DKIM, DMARC, URLs, domains, attachments, QR codes, and brand impersonation signals.
  • Maps phishing evidence to MITRE ATT&CK T1566 coverage, STIX 2.1 IOCs, and Sigma-style outputs.
  • Shares a deployed SaaS backend with PayShield while keeping the scanner and payment product separated.
About this project

PhishAnalyze is the broader email-analysis workflow behind the phishing side of the platform. Built by Meidie Fei, it works with real suspicious-email evidence and turns headers, URLs, attachments, and content signals into an explainable analyst verdict.

0.95sample corpus F1
12MITRE mappings
Live demo GitHub
RMM Hunter desktop scan dashboard showing high-risk endpoint triage findings
Endpoint triageElectronUnsigned beta

RMM Hunter

Windows endpoint scanner for unauthorized remote access tools, living-off-the-land traces, and local trust-health signals.

  • Collects installed apps, services, scheduled tasks, startup entries, event logs, recent installers, Defender events, and system trust-health checks.
  • Uses deterministic verdicts: clean, needs_review, or high_risk, without deleting files, stopping services, or changing system settings.
  • Publishes beta Windows releases with SHA256/provenance verification while trusted code signing is still pending.
About this project

RMM Hunter is a public beta endpoint-triage tool by Meidie Fei for reviewing suspicious RMM activity and Windows trust signals. The project is portfolio-ready, but release notes are explicit that current Windows builds are unsigned until a trusted code-signing route is approved.

10RMM families
0.1.5beta release
GitHub Releases
SecureVote election management dashboard showing admin controls
Secure softwareVaultWAF

SecureVote

Secure electronic voting platform focused on anonymity, encrypted PII, integrity, and defensive controls.

  • RSA blind signatures, ChaCha20-Poly1305 encryption, HMAC blind indexing, and HMAC-backed audit logs.
  • RBAC, CSRF protection, MFA, rate limiting, ModSecurity CRS, and Vault Transit signing.
  • Includes race-condition checks around concurrent vote casting.
About this project

SecureVote is a secure-software case study rather than a public voting service. Completed and hardened by Meidie Fei, the value is in the threat model, cryptographic design, defensive controls, and tests around a high-risk workflow.

103pytest tests
10thread race checks
GitHub
Live screenshot of CryptoToolkit modules
CryptographyTypeScriptLearning platform

CryptoToolkit

Interactive cryptography platform where attacks run for real and modules are backed by known test vectors.

  • Padding oracle, nonce reuse, hash extension, RSA, Diffie-Hellman, and GCM attack demonstrations.
  • NIST and RFC vectors for AES, AES-GCM, SHA-256, and HMAC.
  • Built for teaching, but structured around reproducible technical behavior.
About this project

CryptoToolkit is a deployed learning lab by Meidie Fei for security concepts that are hard to understand from static notes. Each module is built to make the failure mode visible, reproducible, and testable in the browser.

36modules
95tests
Live demo GitHub
AES-GCMArgon2idPyPI

AES Secure Vault

Python package and CLI for authenticated encryption with an explicit threat model and fuzz testing.

  • AES-256-GCM with Argon2id and AAD-bound envelope metadata.
  • KDF downgrade prevention, tamper detection, and malformed payload rejection.
  • Published as a package for repeatable use and review.
About this project

AES Secure Vault is a published package by Meidie Fei for practicing defensive crypto API design. It focuses on authenticated encryption, metadata binding, and clear failure behavior for corrupted or tampered payloads.

CLIpackage interface
Fuzzproperty checks
GitHub PyPI
GitHub ActionsCloudflareNetlify

Cloudflare DNS Action

Deployment automation for connecting Netlify custom domains to Cloudflare DNS with idempotent behavior.

  • Attaches custom domains, upserts CNAME records, and can wait for SSL certificates.
  • Uses dry-run, create-only, retry, and scoped-token patterns.
  • Now powers this portfolio deployment at meidie.mdpstudio.com.au.
About this project

This action packages a repeated MDP Studio deployment task by Meidie Fei into a reusable CI tool. It is designed for small sites where custom-domain setup should be repeatable, scoped, and safe to rerun.

CIlint, test, bundle
DNSsafe upsert
GitHub
Live screenshot of Cyber Command Center dashboard in guest mode
Supabase RLSReactNetlify

Cyber Command Center

Cybersecurity training tracker with guest mode, synced accounts, Row Level Security, and security headers.

  • Tracks 49 tasks across 6 phases and 240+ hours of structured training.
  • Uses Supabase Auth and Row Level Security for account data.
  • Deployed with Netlify headers and Docker support.
About this project

Cyber Command Center is a deployed training and operations dashboard by Meidie Fei. It shows how guest access, account data, auth boundaries, and security headers can be put together in a small production-style app.

49training tasks
RLSdata protection
Live demo GitHub

Evidence matrix

How the work maps to analyst responsibilities.

This is the shortcut for hiring managers: what I can help with, where the evidence is, and what to click.

Analyst task
Evidence
Project
Block payment scams

Invoice-fraud and supplier-change evidence mapped to SAFE, VERIFY, or DO_NOT_PAY_UNTIL_VERIFIED before money moves.

PayShield
Triage findings

Weighted phishing score, confidence handling, analyzer evidence, MITRE T1566 mapping, and STIX export.

PhishAnalyze
Investigate endpoints

RMM tool detection, service and scheduled-task review, PowerShell traces, Defender events, trust-health checks, and non-destructive next steps.

RMM Hunter
Review secure code

Auth, RBAC, CSRF, MFA, encryption boundaries, WAF rules, audit logs, and race-condition tests.

SecureVote
Understand attack paths

Hands-on implementations of padding oracles, nonce reuse, hash extension, RSA, DH, and GCM failures.

CryptoToolkit
Support cloud workflows

GitHub Actions, Netlify deploys, Cloudflare DNS automation, SSL checks, and security headers.

DNS Action

Background

Builder, student, and communicator.

The portfolio is the proof layer. This is the context behind it: security study, production delivery, and teaching experience.

MDP Studio - Co-Founder and Developer

Melbourne-based web design and AI implementation studio. Built production websites, automation pipelines, Supabase-backed admin patterns, HTTPS-backed Netlify deployments, DNS automation, and practical security headers.

Software Programming Instructor - KodeKiddo

Taught programming fundamentals to students aged 6-18, including Android development and Unity game development. Built the habit of explaining technical concepts clearly.

Data Assistant - BKPSDM

Reviewed, verified, and corrected government HR data. Developed attention to integrity, consistency, and structured governance processes.

Contact

Open to security analyst, SOC, junior pentest, AppSec, security engineering, and risk advisory roles.

Best fit: teams that value practical builders who can investigate findings, explain risk clearly, and work with engineers to close issues. Vulnerability reports for this portfolio should use the security policy so reports stay private and scoped.

Email Meidie Report security issue Security policy GitHub
Portfolio pitch copied