Hey, I’m Danny 👋

Security engineer who writes the tools I need and open-sources them when they might help someone else. Mostly Go, C, and Python.


๐Ÿ› ๏ธ Security as Code

I believe security operations should be versionable, diffable, and automated. These CLIs turn live SIEM and EDR platforms into code you can git diff:

  • secops — operate Google SecOps (Chronicle SIEM + Siemplify SOAR) as code — pull detection rules, parsers, dashboards, and SOAR playbooks into files, review the diff, push back
  • s1ctl — operate SentinelOne Singularity as code — agents, policies, exclusions, threat lifecycle, remote shell
  • splunkctl — operate Splunk Enterprise SIEM as code — SPL search, detection-as-code YAML, alerts, dashboards, indexes

All three ship with machine-readable command trees and embedded agent guides — built for both humans and AI agents.


📜 Regulatory AI

Evidence-only RAG + MCP servers that hand your AI exact legal provisions — no hallucination, no paraphrasing. Every hit links to the official government source so you can verify the exact wording yourself:

  • banhmi — Vietnamese banking & fintech regulation (State Bank of Vietnam, Ministry of Justice)
  • laksa — Malaysian banking & fintech regulation (Bank Negara Malaysia, Securities Commission)


📦 Go SDKs

Small, focused clients for security and cloud platforms — each one go get-able straight off danny.vn/…:

| Package   | Platform                                                          |
|-----------|-------------------------------------------------------------------|
| s1        | SentinelOne Singularity — agents, policies, threats, remote shell |
| secops    | Google SecOps — Chronicle SIEM + Siemplify SOAR                   |
| fortigate | FortiGate firewall REST API                                       |
| fortimgr  | FortiManager FlatUI API                                           |
| nessus    | Tenable Nessus scanner (read-only)                                |
| vngcloud  | VNG Cloud IAM                                                     |
| kaggle    | Kaggle API — kernels, datasets, token introspection               |


🔬 Security Research

  • offthebook — memory-only Windows PE execution via SMB-over-QUIC SEC_IMAGE loading, with position-independent shellcode in pure C (MSVC + Clang)


🔧 Other Tools

  • byway — transparent per-app VPN bypass on Linux using cgroup v2 + nftables + policy routing
  • flowcvcli — drive a FlowCV résumé from the command line or Python — content, design, templates, avatar, publish & PDF export


Everything’s on GitHub.