Technical Stack & Operational Capabilities

This page reflects the technologies I use, the environments I manage, and the standards I uphold. I build and secure systems from the ground up β€” from hypervisors and networking to AI pipelines and client-facing automation. Whether self-hosted or deployed in the cloud, every decision is informed by performance, auditability, and long-term reliability.

🧱 Infrastructure & Virtualization

  • Hypervisors: Proxmox, XCP-ng, nested lab environments
  • Public Cloud: Private Ansible & Ubuntu OpenStack(self-hosted), AWS (IAM, thin clients, EC2, D1, Lambda)
  • Networking: pfSense, VLANs, WireGuard, DNS over TLS, Cloudflare Tunnels
  • Edge Security: Cloudflare Zero Trust, API Gateway, DLP, DNS filtering, WAF

πŸ€– AI & Local Inference

  • Models: Mixtral, DeepSeek-Coder, LLaMA 2, CodeLlama, quantized variants
  • Inference: Ollama, llama.cpp, GGUF, accelerated with 3090/4060 GPUs
  • Agent Stack: Continue.dev, CLI agents, custom JS/TS and shell integration
  • Use Cases: Internal copilot tools, outbound LLM voice flows, self-hosted assistants

πŸ›‘οΈ Security & Red Team Engineering

  • SIEM / EDR: Wazuh, Security Onion, TheHive + Cortex stack
  • Intel Feeds: CISA KEV, OTX, Abuse.ch, internal mirrors
  • Offensive: Caldera, Hack The Box (active rotation), Crucible AI labs
  • Detection: Suricata tuning, anomaly detection, access token abuse chaining

🧰 Languages & Development

  • Primary: Rust, JavaScript, TypeScript, PHP
  • Also Used: Python (pragmatically), C++, Bash, Go
  • Tooling: code-server,Github, GitLab (self-hosted), manual CI/CD flows, local deployment pipelines

πŸ“ž MSP-Facing Ops

  • CRM Systems: Custom-built React/Rust or PHP-based Krayin fallbacks
  • Dialer Stack: ViciDial (custom-hardened), predictive tuning, smart SIP flow
  • SIP Providers: Telnyx, Twilio, SIP.US (per client use case)
  • Remote Access: Apache Guacamole for full-stack desktop/terminal access
  • Asset/Ticketing: GLPI, alert-routed via Wazuh and custom pipeline scripts

🌐 Frontend, CMS, and Interfaces

  • Frontend: React, Next.js, vanilla JS/TS, Framer Motion, Tailwind
  • CMS: Ghost (primary), WordPress (legacy only), Laravel-based CRM content stacks
  • Hosting: Cloudflare Pages, Proxmox-deployed stacks, hardened NGINX gateways

πŸ’» Operating Systems & Environments

  • Primary: NixOS (daily driver), GrapheneOS (mobile), macOS (media/dev integration)
  • Specialized: Qubes OS (segmentation, research, air-gapped ops)
  • Other: Hardened Debian-based distros, Alpine-based containers, custom kernel configs

πŸ” Professional Principles

  • I take a disciplined, client-facing approach to infrastructure β€” balancing performance, transparency, and long-term maintainability.
  • I architect systems that scale predictably, whether on-premise, hybrid cloud, or edge deployments.
  • I maintain strong AWS proficiency β€” especially IAM, thin clients, serverless, and monitoring stacks. I'm proficient in Azure, but I will charge a substantial premium for Azure services.
  • I deploy and recommend SIP services like Telnyx, Twilio, and SIP.US for secure, resilient voice infrastructure.
  • I choose tools for control, adaptability, and performance β€” not hype or trend.