Projects
-
An Agentic Workflow for YARA-L: Automatic Rule Generation with Gemini CLI and Chronicle
This is a small framework I put together to generate YARA-L detection rules with an LLM in a self-correcting feedback loop. It aims at automating Detection Engineering for Google SecOps (Chronicle).
-
Architecture overview: Designing a Self-Managing Linux Fleet
I needed an All-Terrain Linux fleet that could take care of itself: configure, monitor, patch, and protect itself across any environment. This post covers the architecture I designed to make that happen.
-
Agentic Sysadmin. No Playbooks, No YAML
This post shows the minimal proof-of-concept SSH tool I built for Opencode AI, and how it could be used to "talk to" remote machines.
-
Firewall Inception: My pfSense Lab with Proxmox, Cloudflared, and Tailscale
A simple pfSense ACL project turned into a homelab adventure: Proxmox networking, Cloudflared proxying, and Tailscale inception for remote access.
-
Building a Remote SDR “Observatory” with Proxmox and Tailscale
I turned an RTL-SDR dongle in my homelab into a full-time, remote-access RF observatory. This guide covers setting up a Proxmox VM as an SDR server with rtl_tcp, securing it over Tailscale, and streaming signals to GQRX from anywhere in the world.
-
Logs as Code: Building Iris
A weekend project turned into Project Iris - A serverless ETL pipeline that bridges the gap between modern vulnerability management and SIEM platforms. This first post dives into the first decisions, challenges, and lessons learned in building a cost-effective, secure, and scalable solution using Google Cloud Platform.
-
Termbot Use Cases
Useful ways to leverage Termbot as a Linux CLI LLM tool. From piping/redirecting stdout to reading text from local files, it allows for several combinations of "data chaining".