My Favorite Tools
Linux System Administration Skills
Core System Management
- Installing and configuring Linux distributions (CentOS, RHEL, Ubuntu)
- Managing users, groups, and permissions
- Configuring system services (systemd, cron, journald)
- Package management using yum, dnf, apt
Files & Storage
- Disk partitioning, mounting
- Filesystem tuning, maintenance, and backup strategies
- NFS and SMB shares setup and troubleshooting
- Automating cleanup and archival of logs
Security & Hardening
- SSH configuration and access control (key-based auth, fail2ban)
- Firewall setup (firewalld, iptables, nftables)
- SELinux and AppArmor policy management
- Regular system patching and vulnerability remediation
Monitoring & Performance
- Real-time resource monitoring with top, htop, iotop, vmstat
- Log analysis via journalctl, /var/log, and custom scripts
- System performance tuning
- Integration with tools like Splunk, Prometheus, Grafana
Automation & Scripting
- Bash scripting for routine task automation (backups, updates, reporting)
- Ansible playbooks for configuration management and patch orchestration
- Scheduling jobs via cron, at, and systemd timers
- Infrastructure health scripts deployed and maintained across environments
Disaster Recovery & Resilience
- Backup and restore processes using rsync, tar, cron, and cloud storage
- Testing and automating recovery workflows
- Resilience validation via chaos testing (with Gremlin or custom failure scripts)
- Documentation and version control of system configs (GitOps practices)
Security Automation Skills
Cloud Security Automation
Tools:
- AWS | GCP | Azure
- Ansible
- Terraform
- Linux
- Bash
- Custom Python Scripts
What I Do:
I can automate security baselines and remediation across cloud environments. From enforcing IAM least-privilege policies to continuously scanning for misconfigurations, I bring proactive security into your infrastructure-as-code (IaC) workflows.
Use Cases:
- Automated patching and compliance enforcement
- Role and permission auditing
- Multi-account Terraform security modules
Chaos Engineering
Tools:
- Gremlin
- Linux
- AWS Fault Injection Simulator (FIS)
- Azure Chaos Studio
- Custom SSM Scripts
What I Do:
Inject controlled failure to uncover hidden weaknesses in your architecture. Whether it’s testing auto-scaling, simulating DNS outages, or validating monitoring gaps, I help you build resilient systems under real-world pressure.
Use Cases:
- Simulated EC2 termination, memory exhaustion
- Container crash experiments on EKS/GKE
- Resilience validations during high-load events
Resilience Scoring & Attack Simulations
Tools:
- Kali Linux
- Python
- Ansible
What I Do:
I can simulate real-world attacks and failure conditions, scoring your system’s detection, response, and recovery capabilities. My scoring model bridges chaos engineering with offensive security — a resilience-first mindset.
Use Cases:
- Purple teaming with chaos triggers
- Scorecard-driven executive reports
- MITRE ATT&CK-aligned scoring system
DevSecOps & Secure CI/CD Advisory
Tools:
- Jenkins
- Terraform
- Docker
- K8S
- Linux
- Snyk
- Trivy
What I Do:
I help integrate security controls directly into your CI/CD pipelines. From secrets management to policy-as-code, we ensure security never slows down your delivery.
Use Cases:
- Infrastructure scanning on every pull request
- Automated enforcement of security baselines
- Chaos Injected into CI/CD pipelines
Penetration Testing & Threat Modeling
Tools:
- Kali Linux
- Burp Suite
- MITRE ATT&CK
What I Do:
Assess your attack surface and simulate adversarial behavior to find and fix vulnerabilities. We also design threat models that align security decisions with your architecture and risk posture.
Use Cases:
- External/internal penetration tests
- Threat modeling for new applications or features
- Security workshops with engineering teams
SIEM & Log Analysis
Tools:
- Splunk
What I do:
I use Splunk to centralize, search, and analyze security logs from cloud, infrastructure, and application sources in real time.
Use Cases:
- Detect suspicious activity and trigger alerts using correlation rules
- Investigate incidents with custom dashboards and log timelines
- Monitor infrastructure health and system performance
- Ingest logs from firewalls, cloud platforms, IAM systems, and endpoints
- Support purple team simulations by mapping data to MITRE ATT&CK
- Visualize threat patterns and automate response workflow.