Enterprise API Security Scanner
A mission-critical security tool designed to identify exposed API credentials in public repositories. Features a high-performance .NET 9 backend with CQRS architecture, a Next.js frontend for real-time monitoring via SignalR, and an automated verification bot engine. Deployed via Docker Compose with PostgreSQL persistence.
1. The Challenge
DevOps teams often leak credentials in CI/CD logs or public repos. Manual detection is slow and error-prone. The challenge was to build a system that could scan millions of lines of code in real-time and verify key validity without triggering rate limits.
2. The Solution
Engineered a distributed scanning architecture. The Scraper Bot feeds potential keys into a localized queue, which the Verifier Bot processes using a plugin-based provider system. Used SignalR to push live alerts to the dashboard instantly. Implemented comprehensive rate-limiting and user-managed overrides.
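The queue-to-verifier handoff described above, sketched as an added example (not the project's own code): candidates are read from a channel, routed to the first provider plugin that claims their format, and verification calls are spaced per provider. The type names, `demoa_`/`demob_` prefixes, intervals and stubbed `VerifyAsync` are all hypothetical; it assumes a .NET 9 console project with implicit usings enabled.

```csharp
// Added illustration: type names, key prefixes and intervals are hypothetical.
using System.Threading.Channels;

var queue = Channel.CreateBounded<string>(100);   // the scraper side writes candidates here
string[] samples = ["demoa_1234567890-valid", "demob_abcdefghij-revoked", "not-a-key"]; // constructed
foreach (var s in samples) await queue.Writer.WriteAsync(s);
queue.Writer.Complete();

var verifier = new Verifier([
    new DemoProvider("ProviderA", "demoa_", TimeSpan.FromMilliseconds(500)),
    new DemoProvider("ProviderB", "demob_", TimeSpan.FromSeconds(2))]);
// A dashboard push would replace this console callback.
await verifier.RunAsync(queue.Reader,
    (provider, key, live) => Console.WriteLine($"{provider} {key} live={live}"), CancellationToken.None);

public interface IKeyProvider
{
    string Name { get; }
    TimeSpan MinInterval { get; }               // minimum spacing between verification calls
    bool Matches(string candidate);             // does this plugin own the key format?
    Task<bool> VerifyAsync(string candidate, CancellationToken ct);
}

// Stub plugin: a real one would make a single read-only call to the provider's API.
public sealed class DemoProvider(string name, string prefix, TimeSpan minInterval) : IKeyProvider
{
    public string Name => name;
    public TimeSpan MinInterval => minInterval;
    public bool Matches(string c) => c.StartsWith(prefix, StringComparison.Ordinal);
    public Task<bool> VerifyAsync(string c, CancellationToken ct) =>
        Task.FromResult(c.EndsWith("-valid", StringComparison.Ordinal));
}

public sealed class Verifier(IReadOnlyList<IKeyProvider> providers)
{
    private readonly Dictionary<string, DateTime> _nextAllowed = new();

    public async Task RunAsync(ChannelReader<string> queue, Action<string, string, bool> alert, CancellationToken ct)
    {
        await foreach (var candidate in queue.ReadAllAsync(ct))
        {
            var provider = providers.FirstOrDefault(p => p.Matches(candidate));
            if (provider is null) continue;     // no plugin claims this format: drop it
            var wait = _nextAllowed.GetValueOrDefault(provider.Name) - DateTime.UtcNow;
            if (wait > TimeSpan.Zero) await Task.Delay(wait, ct);   // per-provider throttle
            _nextAllowed[provider.Name] = DateTime.UtcNow + provider.MinInterval;
            alert(provider.Name, Redact(candidate), await provider.VerifyAsync(candidate, ct));
        }
    }

    // Alerts carry only a redacted form so the finding itself does not re-leak the secret.
    private static string Redact(string key) => key.Length <= 8 ? "****" : key[..4] + "..." + key[^4..];
}
```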