Recent work

Privacy greenhouse

The Privacy Greenhouse is a metaphor-driven exploration of how privacy grows—or withers—in our digital environments. It maps how personal data flows, leaks, and mutates through everyday tech, helping individuals and organisations identify threats, understand attacker incentives, and cultivate healthier digital habits. Rooted in slow thinking and participatory threat modelling, the greenhouse offers tools and reflections for building privacy resilience in complex, shifting conditions.

Red wilds

Red is where the gloves come off. It maps the behaviours, tradecraft, and messy realities of determined adversaries—those who persist, escalate, and adapt. Drawing on the metaphor of a digital forest, the site explores lateral movement, privilege escalation, deception, and persistence with the cunning of foxes, raccoons, and other wild things. It is not a red team playbook; it is a survival guide for understanding and disrupting the adversary’s rhythm—without pretending the terrain is tidy or the attackers follow the rules.

Blue beacon

Blue focuses on building trustworthy systems—those that shine light through the fog of complexity and actually hold up under pressure. It deals with defence that is strategic, not just reactive: access control that respects privacy, logging that exposes signals (not noise), and data flows that are clear, auditable, and unclouded. Blue is for teams that want more than compliance—they want clarity, integrity, and the power to intervene before things break.

Under construction

PowerOn

PowerOn is a hands-on initiative focused on digital safety in high-risk, real-world settings—especially for shelters, survivors, and frontline support teams. It combines attacker-aware threat modelling with practical, self-hosted security infrastructure and guided workshops. Everything is designed for people without technical backgrounds: no cloud dependencies, no black boxes, and no assumptions. Just working systems that empower teams to detect, respond, and rebuild—on their own terms. Currently under development. Intended launch: January 2026

Secure shelter SIEM stack

The Secure Shelter SIEM Stack is a ready-to-deploy (nearly, still under construction), hardened Security Information and Event Management (SIEM) solution tailored for shelters and crisis centers. It provides real-time monitoring of network and endpoint activities to detect intrusions, stalkerware, and other abuseware from the moment of system boot. The stack includes pre-configured dashboards, daily threat intelligence updates, and TLS encryption to ensure data integrity and confidentiality. Designed for environments with limited resources, it offers a robust security posture without the need for extensive IT infrastructure. This solution empowers organizations to proactively safeguard their digital environments against emerging threats. Intended launch: January 2026

Pers – Open sustainability search

Pers is an open-source search engine designed to facilitate discovery and exploration of sustainability-related content. Built with Typesense, it offers fast and relevant search capabilities, enabling users to efficiently navigate through information on sustainability topics. Pers provides a user-friendly interface to access curated content, fostering informed decision-making and promoting sustainability awareness. It is deployed on Hetzner and is under further development.

Security detectors for Wazuh

The GitHub repository ninabarzh/security-wazuh-monitor is a modular security monitoring solution that integrates custom security detectors into the Wazuh platform using Docker. It is designed for testing and development environments, utilizing mocked data to simulate security events. Use cases:

• Security Training and Awareness: Ideal for training sessions where participants can learn to detect and respond to security incidents in a controlled environment.
• Development and Testing: Useful for developers and security engineers to test new detectors, rules, or configurations before production deployment.
• Demonstrations and Proof of Concepts: Suitable for showcasing the capabilities of Wazuh and custom security detectors to stakeholders or during security assessments.