$ cat ~/.config/toolbox.yaml

Tools & Stack

Current security and workflow toolkit

# Infra & Cloud

→ GCP

Compute Engine / IAM / KMS / Kubernetes Engine and Cloud SQL

→ Cloudflare

DNS / Edge Computing (Workers) / Reverse Proxy

→ Terraform

IaC / Modules for tool deployment / Automation

→ Ansible

Config Management / Task Orchestration

→ GitLab

Git server / CI/CD Automation / Build agent

→ PostgreSQL

Selfhosted DB / In-cluster DB / Managed DB

# Security Stack

→ Tenable

Vulnerability Scanning / Exposure Management / ASV

→ Cloudflare

WAF / API Shield / DDoS Protection / TLS

→ BlackDuck

SAST / Software Composition Analysis / SBOM

→ SentinelOne

EDR / XDR / Incident Respone / STAR Automation

→ Azure

Identity Provider / SSO / Joiner-Mover-Leaver Automation / Exchange Server

→ Intune

Mobile Device Management

→ Kandji

MacOS Centralized Management

→ SumoLogic

Centralized Logging / SIEM / Monitoring and Alerting / Incident Response and Investigation

→ NewRelic

Distributed Tracing, Incident Response, APM

→ FortiGate

VPN Server and Client

→ IPQS

IP address data enrichment

→ WhoISXML

ReverseIP Lookups / ReverseDNS Lookups / Investigations

→ Maltego

Attack Surface Mapping / OSINT

→ Snyk

SAST / SCA

→ Wazuh

Host-based IDS/IPS

→ KnowBe4

Phishing Simulation / Security Awareness Training

→ OWASP Threat Dragon

Threat Modeling

# Workflow

→ Obsidian

What you use it for / approach / key insight

→ Postman

API testing / Documentation

→ VSCodium

IDE

→ Cursor

AI IDE

→ Excel

Love/Hate relationship

# Utilities

→ gcloud

Working with GCP / Scripting

→ nmap

Enumeration / Scripting

→ amass

Attack Surface Mapping

→ ssh

SSH-ing into things