Skip to content
View Kfir-G's full-sized avatar
πŸ§‰
πŸ§‰

Block or report Kfir-G

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Kfir-G/README.md

🦁 About Me:

Hi! I'm Kfir Gisman. I tackle software engineering challenges as if solving complex puzzles, leveraging my engineering mindset. My forte lies in translating human language requirements into high-level, robust projects, drawing on extensive experience in data analysis, security research, and software engineering. Having worked in successful startup and large corporations, I seamlessly integrate diverse approaches into modern project workflows. Moreover, I share insights on various topics through my Medium blog.

πŸ“‘ Social

LinkedIn Gmail Medium Dev.to


πŸ”§ My Skills:

Technical

  • Backend: Python, SQL (on MS-SQL and MongoDB, Mongoose), ASP.NET, CCEC. JavaScript and Node.js. Bash.
  • OOP: C# and Java (both include GUI). C.
  • Cloud: AWS, GCP, Azure, AliCloud. IaC: Terraform, Ansible. CICD Hardening: Github Actions. Docker, K8S.
  • Data: Python (pandas), social network analysis (SNA), Knowledge at data analytics life cycle, data preparation, linear and logistic regression, classification and evaluation, random forests, decision trees, KNN, SVM, unsupervised algorithms. Social Network Analysis using ORA and Gephy.
  • Frontend: React, HTML, CSS, AJAX, API rest, Firebase, bootstrap, JavaScript.
  • Operating Systems: Linux, MacOS, Windows.

    DockerK8SPythonTerraformGITLABCC#JAVANode.JSSQLASP.NETRESTAPIJQUERYJSONXMLFIREBASEGITHUBVISUAL-STUDIOVISUAL-STUDIO-CODEHerokuMongoDB PostManHTML5CSS

Udemy Courses & Certificates

Docker and K8S: Docker Mastery: with Kubernetes +Swarm from a Docker Captain
Node.js: Udemy- The Complete Node.js Developer Course

πŸ”¬ Other Knowledge
  • Back & Front End
    - HTML - CSS - ASP.NET - Node.JS - API rest - AJAX - JSON - XML - Firebase - Web API - CCEC - No-SQL - Data Set - MondoDB - Postman - Heroku - Studio 3T - MondoDB Compass
  • JAVA
    advanced concepts in Java object-oriented programming such as polymorphism, abstract Classes, interface realization, exception hierarchy. Event driven programming based on polymorphic event handlers, design and implement software systems in Java GUI.
  • Big-Data
    knowledge at data analytics life cycle, data preparation, linear and logistic regression, classification and evaluation, random forests, decision trees, KNN, SVM, unsupervised algorithms, using GoogleColab.
  • SNA- Social Network Analysis
    Data collection and data integration, statistical and other research, and data testing. The basics of network theory, nodes and connections, types of nodes and activities, and three levels of presenting them. Calculating and understanding key metrics of players and opinion leaders, finding groups in the network, topology of the network, networks Randomness, Scale Free Networks, and models of network development and the movement of epidemics and rumors on the network.
  • UX/UI
    Ux design process includes: Functional chunks, Conceptual elements, Navigation map and policy, Wireframes, Mockups.
  • Computer Architecture
    learning Combinational Building Blocks such as Multiplexers, Decoders, Latches and Flip-Flops: SR Latch, D Latch D Flip-Flop, Register, MIPS R2000 language and single cycle architecture.
  • Operating Systems
    learning operating systems structure (kernel approaches, dual mode operations, preemptive/non-preemptive OS’s), processes and threads (client-server systems, RPC, pipes, threads dispatching, high-level of thread scheduling), synchronization and mutual exclusion, deadlocks, CPU thread-scheduling (scheduling algorithms and priorities, Mars-Rover project, starvation). Codding in Java and C# in WIN32 API.
  • Software Engineering
    learning Imparting concepts in software engineering and methods of analysis and design, presenting the development stages of a software system, including definition Requirements, formalization of requirements and their analysis and software design. Learn UML diagrams such as: Use Case Diagrams, System Sequence, Activity Diagrams, and Interaction Diagrams.

πŸ“š Publications, Blogs and Lectures

How to Write an Effective README File β€” A Guide for Software Engineers- Published in Stackademic. This blog emphasizes the importance of creating clear and comprehensive README files for software projects, highlighting their role in enhancing collaboration, communication, and long-term project sustainability.

Enhancing Software Architecture through Comprehensive Testing in Backend Development- Published in Python in Plain English.Discusses the importance of incorporating comprehensive testing into backend development to ensure code quality and resilience. He explains a three-layered architectural approach (Controller, Service, Data Access) and outlines different types of tests (True Positive, False Positive, Error Handling) to cover a wide range of use cases and scenarios.

Solving Logs Woes: A Small Dive into Singleton Design Pattern- Published in Python in Plain English. Describes my experience incorporating logging into a Python software project, initially encountering difficulties with writing logs from files but overcoming the issue by implementing the Singleton Design Pattern, ensuring a single instance of the Logger class exists throughout the program's execution. They explain the Singleton pattern's concept, implementation in Python, benefits, considerations, and its role in resolving their logging issue, emphasizing streamlined and centralized logging.

Shell injection in GitHub Actions CI/CD- The article describes the security risks of using pull_request_target event in GitHub Actions, and how an attacker can exploit shell injection to run malicious commands or scripts in the workflow.

Motivating the average developer to engage in DevSecOps - Lecture- Presentation at the DevSecOps Spain Community on Docker Security. I offered a hands-on experience for the audience, during which we coded together and investigated vulnerabilities in containers.

Why IMDSv1 is a Security Risk for Cloud Infrastructure- The article discusses the security risks of using IMDsv1, a metadata service for cloud infrastructure, and how an attacker can exploit it to gain access to sensitive information or execute commands on the cloud instances.

Why You Should Disable Cloud Storage Bucket Versioning- The article explains why cloud storage bucket versioning can be a security risk and a performance bottleneck, and suggests some alternatives to achieve data durability and availability.

PyPI Suspends New Registrations After Malicious Python Script Attack- Published in Checkpoint. Supply chain attacks targeting PyPi packages, exemplified by a recent incident involving 44 malicious packages uploaded, underscore the importance of verifying Python code sources to prevent system compromise and data exposure, emphasizing the need for robust security measures like CloudGuard Spectral to safeguard against such threats.

πŸ“° Archive of Blog

πŸ“° Archive of Projects
  • JamFinder My friends and I created JamFinder, an app that helps musicians find partners based on their musical preferences and Spotify listening data, using an algorithm based on SNA. The app filters, scores and ranks potential partners according to their proximity in a network of 2500 Spotify genres and 30 musical communities

  • Hack IDC 21 Tool of home contents insurance without an insurance reviewer- consists of an algorithm that identifies objects in the space of the room with the help of a telephone camera and helps the user to quickly fill in insurance along with cross-referencing his personal details. With these components they gave insurance pricing to the user. The solution is agile and efficient with documentation and evidence used by both parties for transparency between them.

  • Watch List Management Website - Website's link
    Developed Front and Backend project from scratch: customer watch list of series form TMdb data base. The website includes admin panel with users’ statistics, recommended series based on several parameters, real time chat base on firebase with changing emojis. Using API.net, JQUERY, JSON, SQL, Firebase, JavaScript, HTML and CSS.

  • Nightclub Management Tool Project Developed customer management information system as part of a university project, using Java and fully documented in JavaDoc.

  • Software Engineering Documentation Includes Requirements Definition: Functional Requirements, Quality Requirements,System Architecture. Requirements Specification: Use Case Diagram, Glossary of UC, Actors Table, Traceability Matrix, Activity Diagrams. Design: Class Diagram.

  • Monopoly Game Front End Game

  • Chat Room App This project bulid in Node.js and is used purely for learning exercises and the course content should not be interpreted as something I've created on my own. It uses the Socket.IO library to allow users to join particular rooms and chat with other users within those rooms. b

  • Task Manager Project The Task Manager Project is written using ES6/7 JavaScript and uses Express to create a simple Node web server that allows users to create, store and delete tasks.

  • Weather Wesite Weather App build in Node.js and using weather api and map box api

  • Other Projects: Chat Room App | Task Manager Project | Weather Wesite

Pinned Loading

  1. passkeys-js-demo passkeys-js-demo Public

    Demo of passkeys auth method

    JavaScript

  2. passkey-passwordless passkey-passwordless Public

    Forked from DigitallyRefined/passkey-passwordless

    An example Passkey application showing how passwordless registration and authentication journeys work.

    TypeScript