Meeting Room 5
This is about the stuff that doesn't get written in runbooks - the actual experience of doing this job when your brain processes text differently and your management doesn't know, doesn't ask, or doesn't care.
awsomecloud.io
Welcome to where I document things I've built and figured out. Mostly things that were annoying to solve and deserve a doc, or things I find myself explaining too often. Easier to link to a detailed writeup than to type it again in a code review.
Building an AWS Pentest Skill for Claude Code
AWS pentests follow the same steps every time, so I built a Claude Code skill to handle them. Type /aws-pentest, pass it a profile, and it works through all eight phases autonomously.
SofaSecurity — A Cloud Pentesting Workbench
15 cloud pentesting tools, one web UI, zero manual installs. SofaSecurity bundles everything into a single Docker container so you can stop juggling terminals and start actually testing.
S3 Bucket Sniffing
S3 buckets are everywhere, and misconfigured ones are a gift to anyone who knows where to look. Here's how bucket sniffing works and what to do about it.
Kubernetes Scares Me, A Lot!
Kubernetes scares me, a lot. I've been somewhat lucky to avoid having to use K8s in EKS, AKS, or on bare metal, but I've started to feel a bit guilty — and to be honest, like there's a gap in my knowledge.