i wear many hats.
i'm molly, i build and break things across the stack - not to do everything, but to have fun.
connect
feel free to reach out for collaborations or secure communication.
selected projects
Belfast
An open-source Azur Lane server emulator written in Go. High performance and scalable architecture.
semantic-chan
CLI / MCP / HTTP server designed to index huge codebase to allow semantic searching for humans or LLMs.
pgp-mfa
Proof of concept MFA authentication method using PGP keys.
jabberwock
An org-wide secrets scanner that runs on every GitHub push and routes hash-only findings to Slack and a read-only dashboard. Used at Galadrim.
research
responsible disclosures and vulnerability research highlights.
Santé Publique France
Reported an IDOR vulnerability that exposed pii.
Proton
Identified an issue with user data handling.
X (Twitter)
Reported a web & mobile DoS bug with Direct Messages.
writing
Postgres to ClickHouse, then the embeddings pipeline became the real migration
A ClickHouse backfill that surfaced a slow embedding worker, and the inference optimizations that made it behave like a GPU service (microbatching, TensorRT, caches, and the next bottleneck).
Secrets scanning for a 200+ repo GitHub org, with zero developer setup
An org-wide, push-triggered secrets scanner: webhook → Lambda → TruffleHog → hash-only findings → Slack + read-only dashboard.
From 4M comments to a style-controlled comment generator
How I turned 4M scraped comments into a style-controlled comment generator.
Why I built a semantic grep
I spend a lot of time auditing codebases I don’t understand. This is the tool I built so I could stop pretending I did.
Scanning IP ranges to find friends
How I built my own IP Scanner after tracking down someone that randomly connected to a Minecraft server using Shodan