
Who Am I?

I'm Hana Omori, a cybersecurity researcher and incident responder who discovered my calling through lived experience—not theory.

What started as defending my own devices from persistent, sophisticated attacks evolved into building open-source security tools, conducting forensic investigations, and documenting real-world threat patterns that traditional security frameworks miss.

I don't just study cybersecurity. I've survived it, analyzed it, and built defenses against it.

How Did I Get Here?

The Pivot (2023-2024)

After 12+ years as a technical SEO expert working with enterprise clients, I experienced something that changed everything: a coordinated, multi-device compromise that persisted across factory resets, survived password changes, and exploited legitimate OAuth infrastructure.

Traditional security tools didn't detect it. Antivirus didn't flag it. The attack used valid credentials, legitimate apps, and trusted infrastructure—making it invisible to conventional defenses.

So I learned to see it myself.

From Victim to Researcher

I taught myself:

  • Network traffic analysis (Wireshark, PCAP analysis)
  • Mobile forensics (Android/iOS)
  • Behavioral threat detection
  • MITRE ATT&CK mapping
  • Cross-device attack correlation

I captured 5,416 network connections over 6 hours, identified a 711KB data exfiltration through Firebase Cloud Messaging, and documented the entire attack chain with forensic precision.

That case study became the foundation of my work.

Building Real Solutions

Instead of waiting for the security industry to catch up, I built tools:

  • Chaos Encryption Lock – Hardware-bound encryption using ambient EMF entropy and NFC authentication
  • RF Defense System – Passive IMSI catcher and rogue cell tower detection
  • StealthShark – Persistent Wireshark for continuous network monitoring
  • Clock Stopper – NTP manipulation detector
  • Pineapple Express – WiFi Pineapple detection tool

All open-source. All built from real incidents.

What I Do Now

Incident Response & Forensic Analysis

  • Real-world case studies documenting APT-level attacks
  • Cross-device exploitation analysis
  • OAuth abuse and legitimate credential attacks
  • Carrier-level compromise investigation

Security Tool Development

  • Open-source defensive tools for threats traditional security misses
  • Hardware-software hybrid solutions
  • Privacy-first, user-controlled security

Technical Writing & Education

  • MITRE ATT&CK-mapped case studies
  • Cybersecurity guides for real people (not just enterprises)
  • Behavioral threat analysis documentation

Why My Approach Is Different

Most cybersecurity professionals learn from textbooks, labs, and simulations.

I learned from:

  • 711KB of exfiltrated data
  • 48-hour Spotify process runtimes
  • 12-second precision attack timing
  • OAuth tokens that survive password changes
  • Carrier infrastructure queries persisting across 16 factory resets

I don't theorize about threats. I document them.

Every case study on this site is based on real forensic evidence—PCAP captures, process logs, timing analysis, and cross-device correlation. No speculation. No vendor fear-mongering. Just IOC-based observations and technique-level analysis.

The SEO Background (Still Relevant)

My 12+ years in technical SEO weren't wasted—they taught me:

  • Systems thinking: Understanding how complex platforms interact
  • Data analysis: Finding patterns in massive datasets
  • Reverse engineering: Figuring out how things work without documentation
  • Technical communication: Explaining complex concepts clearly

Turns out, analyzing Google's algorithm and analyzing attack patterns require the same skillset: obsessive attention to detail, pattern recognition, and the ability to see what others miss.

What Drives Me

I build security tools for the threats that traditional security ignores:

  • Legitimate credential abuse (not malware)
  • Cross-device attacks (not single-endpoint)
  • Behavioral anomalies (not signature-based)
  • Long-term persistence (not one-time breaches)

Because the most dangerous attacks don't look like attacks at all.

Let's Work Together

I'm available for:

  • Incident response consulting – Behavioral threat analysis and forensic investigation
  • Security tool development – Custom solutions for non-traditional threats
  • Technical writing – Case studies, threat documentation, security guides
  • Speaking engagements – Real-world attack analysis and defense strategies

Want the short version?
I'm the person who turns "my device is acting weird" into a 344-line forensic timeline with MITRE ATT&CK mapping, byte-level exfiltration analysis, and open-source tools to prevent it from happening to others.

Podcasts

Q* explained via Mario

Event by Plinio Marques de Siqueira

Tue, Dec 12, 2023, 2:00 PM – 3:00 PM

Conversations With Hana Omori

Event By Dr Bill Williams
Oct 27, 2023 11:00 AM

Fire Inspector, Not Firefighter: Proactive Cybersecurity with Hana Omori

Event By Founders Future Podcast with Olivia Sammons | December 2024