I just click buttonshas been my way to move forward through seemingly complex situations rather than overcomplicating them; it's my version of Dori's "just keep swimming", my HS wrestling coach's version of "just put on your pants one leg at a time" or whoever said "just put one foot in front of the other" (I think that was my drill sergeant)- hackIDLE is where I capture most of my digital garden of open notes, ideas, and research related to all things security and tech
- cloud security audit/assessment tooling & automation - grc engineering
- container security and general docker, kubernetes, and helm stuff
- supply chain security - SBOM, Sigstore, distroless/minimal images (Chainguard)
- ci/cd security, pipelines, supply chain stuffs (Jenkins, GitHub Actions, GitLab CI ish)
- local LLMs & AI red team tooling - fine-tuning models on security datasets
- AI/ML security and governance (adversarial ML, ISO 42001)
- cloud red teaming across AWS, Azure, and GCP
- observability stuffs - prometheus, grafana, ELK Stack
- rust based blockchains (solana & injective)
| Platform | Description |
|---|---|
| hackIDLE Youtube | tech/security videos, tooling walkthroughs, and demos |
| hackIDLE | obsidian-powered notes, research, and living docs |
| ethantroy.dev | personal site - projects, labs, guides, and cert reviews |
| killercoda | interactive labs and scenarios (AWS, Chainguard, Istio) |
| my medium | occasional write-ups and blogs |
| Platform | Description |
|---|---|
| my gitlab | not much over there for now tbh |
| my huggingface | currently working on fine-tuning some local LLMs |
| my ollama profile | local LLMs and fine-tuned security models |
| my google dev profile | google dev profile |
| Project | Description |
|---|---|
| obsidian MarkItDown | using Microsoft's MarkItDown library to convert PDFs, PPTs, and Word(docx) documents into markdown |
| DamnVulnerableTrustCenter | intentionally vulnerable trust center to demo security considerations |
| NIST-CMVP-API | API wrapper for NIST Cryptographic Module Validation Program |
| NIST-CMVP-CLI | CLI tool for querying NIST CMVP data |
| okta inspector | okta multi-framework compliance audit tool (FedRAMP, DISA STIG, IRAP, ISMAP, SOC 2, PCI) |
| vanta-go-export | CLI tool to export Vanta audit evidence organized by control with TUI |
| hugo-portfolio-demo | ready-to-deploy portfolio template for cybersecurity professionals |
| GoogSec | google product security resource - mostly GCP related |
| Project | Description |
|---|---|
| HackIDLE-NIST-Coder | fine-tuned model for NIST cybersecurity standards (530K+ examples) |
| fedramp-docs-mcp | MCP documentation server using the official FedRAMP/docs repo |
| wilma | security auditing for AWS Bedrock with GenAI security checks |
| nist-cybersecurity-training | 531k row dataset for NIST cybersecurity training |
| Open Source Security Compliance | HuggingFace collection of compliance datasets and models |
| Training | Description |
|---|---|
| istio + FedRAMP scenario lab | guided lab: walkthrough of Istio for a FedRAMP-like env |
| AWS CLI Sandbox with LocalStack | interactive AWS CLI playground - practice AWS commands safely without costs |
| Introduction to Chainguard Images | secure, minimal container images with SBOM attestation and Sigstore verification |
| Project | Description |
|---|---|
| prowler | FedRAMP 20x configurations |
| learntocloud.guide - phase 5 | cloud security fundamentals for junior cloud engineers |
