I just click buttonshas been my way to move forward through seemingly complex situations rather than overcomplicating them; it's my version of Dori's "just keep swimming", my HS wrestling coach's version of "just put on your pants one leg at a time" or whoever said "just put one foot in front of the other" (I think that was my drill sergeant)- hackIDLE is where I capture most of my digital garden of open notes, ideas, and research related to all things security and tech
- GRC engineering — compliance automation, policy as code, continuous assurance
- building AI agents and MCP servers for security & compliance workflows
- Go terminal UIs for security data (NIST CMVP, CISA KEV, FedRAMP)
- cloud security audit tooling across AWS, Azure, and GCP
- container security — distroless/minimal images, supply chain security (SBOM, Sigstore, Chainguard)
- AI/ML security and governance (adversarial ML, ISO 42001)
- fine-tuning models on cybersecurity and compliance datasets
| Platform | Description |
|---|---|
| hackIDLE Youtube | tech/security videos, tooling walkthroughs, and demos |
| hackIDLE | obsidian-powered notes, research, and living docs |
| ethantroy.dev | personal site - projects, labs, guides, and cert reviews |
| killercoda | interactive labs and scenarios (AWS, Chainguard, Istio) |
| my medium | occasional write-ups and blogs |
- Anxiety is just blocked energy.
ethantroy.com - Thank You for Coming to Life
ethantroy.com - Ahead of the Times
ethantroy.com
- You Can Standardize Principles, Not Methodologies.
medium/@ethanolivertroy - Our Biggest Security Blind Spot is Still the Browser
medium/@ethanolivertroy - Quick HEIC to PNG Conversion on macOS
ethantroy.dev
| Project | Description |
|---|---|
| fedramp-docs-mcp | MCP documentation server using the official FedRAMP/docs repo |
| okta-inspector | multi-framework compliance audit tool (FedRAMP, DISA STIG, SOC 2, PCI) |
| awesome-grc-ai | curated list of AI + GRC resources: governance frameworks and compliance tools |
| awesome-grc-engineering | curated resources for GRC engineering: automation, policy as code, continuous compliance |
| vanta-go-export | Go CLI to export Vanta audit evidence organized by control with TUI |
| NIST-CMVP-API | API wrapper for NIST Cryptographic Module Validation Program |
| mesh-security | service mesh security analyzer with NIST 800-53 compliance mapping (Istio, Consul, Linkerd) |
| dynamic-cryptographic-modules-table | dynamic table for exploring NIST cryptographic modules data |
| Project | Description |
|---|---|
| cmvp-tui | terminal UI for searching NIST CMVP validated modules |
| kevs-tui | terminal UI for CISA Known Exploited Vulnerabilities catalog with EPSS scores |
| fedramp-tui | terminal UI for browsing FedRAMP docs data |
| Project | Description |
|---|---|
| claude-plugins | my Claude Code plugins collection |
| claude-grc-agent | GRC agent built with the Claude Agent SDK |
| nist-cybersecurity-skills | Claude Code plugin with NIST framework references (SP 800-53, 800-171, CSF 2.0) |
| wilma | AWS Bedrock security configuration checker |
| antigravity-skills | Google Antigravity agent skills for document processing |
| Project | Description |
|---|---|
| obsidian-markitdown | Obsidian plugin using Microsoft's MarkItDown to convert PDFs, PPTs, and DOCX to markdown |
| hugo-linear-sync | reusable GitHub Action to sync Hugo content with Linear issues |
| Project | Description |
|---|---|
| DamnVulnerableTrustCenter | intentionally vulnerable trust center to demo security considerations |
| DamnVulnerableCryptoWallet | intentionally vulnerable crypto wallet |
Homebrew, Scoop, and Winget manifests for my security & compliance CLI tools: homebrew-sectools · scoop-sectools · winget-pkgs
| Project | Description |
|---|---|
| HackIDLE-NIST-Coder | fine-tuned model for NIST cybersecurity standards (530K+ examples) |
| nist-cybersecurity-training | 531k row dataset for NIST cybersecurity training |
| Open Source Security Compliance | HuggingFace collection of compliance datasets and models |
| Training | Description |
|---|---|
| istio + FedRAMP scenario lab | guided lab: walkthrough of Istio for a FedRAMP-like env |
| AWS CLI Sandbox with LocalStack | interactive AWS CLI playground - practice AWS commands safely without costs |
| Introduction to Chainguard Images | secure, minimal container images with SBOM attestation and Sigstore verification |
| Project | Description |
|---|---|
| prowler | FedRAMP 20x configurations |
| learntocloud.guide - phase 5 | cloud security fundamentals for junior cloud engineers |
| Project | Description |
|---|---|
| hackspacecon-2023 | workshop & talk slide decks from HackSpaceCon |
| nmap-GPT | AI-powered nmap wrapper for learning open port security |
| cissp-examprep-2023 | CISSP certification exam prep materials |
| Platform | Description |
|---|---|
| my gitlab | not much over there for now tbh |
| my huggingface | fine-tuning local LLMs and compliance datasets |
| my ollama profile | local LLMs and fine-tuned security models |
| my google dev profile | google dev profile |
