Projects

Small businesses handling WhatsApp inquiries manually were losing hours a day to repetitive questions — slow responses, frustrated customers, no way to scale support efficiently.

An automated classification and response system. Incoming WhatsApp messages are categorised and answered automatically within 10 seconds, 24/7. A staff dashboard provides full visibility and control over conversations that escalate to human handling.

• Designed and built the staff account management system with role-based access control (RBAC)
• Built a Security Centre with full audit logging of every user action — timestamps, IP addresses, event types
• Implemented automated account lockout after repeated failed login attempts to prevent brute-force attacks
• Created an access reports dashboard for managers to review activity across all staff accounts
• Applied OWASP session management principles — secure cookies, session expiry, CSRF-safe forms

Security and usability have to work together — building features strict enough to protect the system but seamless enough that staff don't find them frustrating. Taught me to debug real issues under pressure and think from the perspective of both a developer and an end user.

The CCA needed an online presence — somewhere for current and prospective members to find schedule info, achievements, and club background. No budget, no CMS.

• Static responsive multi-page website — Home, Achievements, Schedule, and About pages
• Mobile-first layout — most students browse on phones, so responsiveness was a primary concern
• Clean, readable design with no external dependencies beyond Bootstrap grid

Keeping things simple isn't easy. Resisting the urge to add unnecessary features and focusing on what the actual users need was the most important decision I made on this project.

• HackTheBox — machine-based challenges for network enumeration, service discovery, and exploitation
• TryHackMe — guided learning paths for networking, Linux, and web security fundamentals
• OverTheWire Bandit — Linux fundamentals, file permissions, privilege escalation via wargames

• nmap for service and port discovery
• Bash scripting for automation and enumeration
• File permission analysis, SSH tunnelling, and setuid binary exploitation
• Basic privilege escalation vectors on misconfigured Linux systems

Understanding why a vulnerability exists matters more than knowing how to exploit it. This perspective directly shaped how I wrote Nessus findings at ST Engineering — framing each issue as a real business risk, not just a checkbox. I document everything on writeups.travisteo.com.

• Registered travisteo.com through Exabytes Singapore
• Configured Cloudflare as a reverse proxy with DNSSEC enabled and SSL/TLS Full (Strict) mode
• Created and managed DNS records for six subdomains pointing to GitHub Pages repositories
• Set up email forwarding — [email protected] routes to my main Gmail without running a mail server
• Each subdomain is a separate GitHub Pages repo, allowing independent deployments

travisteo.com · portfolio.travisteo.com · projects.travisteo.com · resume.travisteo.com · writeups.travisteo.com · contact.travisteo.com

Practical DNS management, DNSSEC concepts, SSL/TLS configuration, and Cloudflare proxying to protect origin IPs. Applied security hardening principles from my ST Engineering internship to my own infrastructure.