I just click buttonshas been my way to move forward through seemingly complex situations rather than overcomplicating them; it's my version of Dori's "just keep swimming", my HS wrestling coach's version of "just put on your pants one leg at a time" or whoever said "just put one foot in front of the other" (I think that was my drill sergeant)- hackIDLE is where I capture most of my digital garden of open notes, ideas, and research related to all things security and tech
- cloud security audit/assessment tooling & automation - grc engineering
- container security and general docker, kubernetes, and helm stuff
- supply chain security - SBOM, Sigstore, distroless/minimal images (Chainguard)
- ci/cd security, pipelines, supply chain stuffs (Jenkins, GitHub Actions, GitLab CI ish)
- local LLMs & AI red team tooling - fine-tuning models on security datasets
- AI/ML security and governance (adversarial ML, ISO 42001)
- cloud red teaming across AWS, Azure, and GCP
- observability stuffs - prometheus, grafana, ELK Stack
- rust based blockchains (solana & injective)
| Platform | Description |
|---|---|
 hackIDLE Youtube |
tech/security videos, tooling walkthroughs, and demos |
 hackIDLE |
obsidian-powered notes, research, and living docs |
 ethantroy.dev |
personal site - projects, labs, guides, and cert reviews |
 killercoda |
interactive labs and scenarios (AWS, Chainguard, Istio) |
 my medium |
occasional write-ups and blogs |
| hacks | archive of my old Jekyll blog (migrating into hackIDLE) |
| Platform | Description |
|---|---|
 my gitlab |
not much over there for now tbh |
 my huggingface |
currently working on fine-tuning some local LLMs |
| π€ HackIDLE-NIST-Coder on Ollama | fine-tuned AI model specialized in NIST cybersecurity standards |
 my google dev profile |
google dev profile |
| Project | Description |
|---|---|
 obsidian MarkItDown |
using Microsoft's MarkItDown library to convert PDFs, PPTs, and Word(docx) documents into markdown |
 okta inspector |
okta multi-framework compliance audit tool (FedRAMP, DISA STIG, IRAP, ISMAP, SOC 2, PCI) |
 wilma-aws bedrock sec config tool |
security auditing for AWS Bedrock with GenAI security checks |
| π€ HackIDLE-NIST-Coder | fine-tuned AI model specialized in NIST cybersecurity standards (530K+ examples, 596 NIST docs) |
| π vanta-auditor-interface | archived POC web app for Vanta's Auditor API - local interface for compliance evidence |
| π vanta-auditor-tui | archived terminal UI for exporting Vanta audit evidence |
| hugo-portfolio-demo |
ready-to-deploy portfolio template for cybersecurity professionals |
| prowler contributor | added new IAM checks for AWS security assessment; FedRAMP 20x Configurations (pending) |
| Training | Description |
|---|---|
 istio + FedRAMP scenario lab |
guided lab: walkthrough of Istio for a FedRAMP-like env |
 AWS CLI Sandbox with LocalStack |
interactive AWS CLI playground - practice AWS commands safely without costs |
| π Introduction to Chainguard Images | secure, minimal container images with SBOM attestation and Sigstore verification |
| Project | Description |
|---|---|
 learntocloud.guide- phase 5: cloud security fundamentals |
cloud security fundamentals for junior cloud engineers (but also for budding cloudsec engineers) |
 GoogSec - google product security |
a resource for google product related security concerns - mostly GCP related now |
