knútrinnríki.com -> Projects

Projects (mostly off the top of my head, and not at all exhaustive!) - and in no particular order!

Sites

• Farrer Ancestry

Software Development/Programming/Scripting

• Languages: Ada, Bash, C, C++, C#, Java/Kotlin, Python, PHP, and (a lot) more. Picking up the syntax of a new language is usally pretty easy.

Cybersecurity

• Teaming: Red Team (including physical), Blue Team, Purple (mix of Red and Blue on same team), etc.
• Tooling: Aircrack-ng, Binwalker, Caido, Nessus, Nmap, Metasploit, Wireshark, etc.
• Hardware: Serial, SPI, GPIO, etc. including off-chip extractions (e.g. ch341.)
• GRC for clients (as-needed) and internally.

Teaching and Training

• Taught technical subjects to both adults and youth.
• Presented at technical conferences both in person and virtually.
• Conducted training at client sites, both in person and virtually.

Team Leadership and Project Management

• Managed teams of 10 on numerous client projects.
• Led a project involving a Linux, multi-node, high-availability cluster: from initial client call to architecting, ordering, installation (in-person), configuration, testing, and deployment to production.
• Lead Security Architect for a client project: developed policies, manuals, user guides (how-to style), and designed new organizational infrastructure.

Documentation, Polcies, and Reports

• GRC: custom written for client as well as internally for previous employer.
• Many reports of various types: I always document each task as I'm working on it. This allows for easy(ier) reporting and documentation as well as helping me remember what I was doing in the event of.. Look! A squirrel!.
• Wrote professional document-style as well as Wiki-style security policies.
• Custom written System Administrator's guide for evidence handling in the event of a security incident.
• Wrote 10,000 Foot View Information Security Structure Guide (for executive consumption.)

Linux Distributions

• Gentoo (Volunteer):
  • Created and maintained packages (ebuild) via proxy maintainers and overlays.
  • Provided user support through IRC, email, forums, and in-person at conferences.
• Debian Developer:
  • Created and maintained packages.
  • Ported software (Assembly, C) from 32-bit Intel x86 to 64-bit DEC Alpha AXP. Also briefly dabbled with PowerPC.
  • Worked on Debian Installer.
  • Managed bug reports: filed, tested, triaged, fixed, and assigned issues.
  • Provided user support via IRC, email, and in-person at conferences.

Android Development

• Developed Android apps in Kotlin (current) and Java (older).

Zabbix Enterprise Monitoring

• Custom plugin for monitoring Linux software RAID arrays and the underlying disks.
• Custom plugin for monitoring ZFS pools.
• Custom plugin for monitoring PostgreSQL version and relation to the current stable releases for each supported branch.
• Custom plugin to handle emergency calls to on-call staff.

Scripting and Automation

• Implemented numerous automations with Ansible.
• Developed numerous scripts in Bash, Python (including tkinter), and Expect.
• Developed automated toolset to play Dabo in Star Trek Online while AFK (sleeping) to gain gold-pressed latinum (in-game currency.)
• Tons of web scrapers for various purposes.

Kubernetes

• Converted Docker images to Kubernetes.
• Created a Kubernetes image of Mastodon social media federated server with proper separation of components into individual containers (e.g., workers).
• Set up and maintained an 8-node cluster.

Docker (OCI)

• Created custom Docker images.
• Containerized proprietary applications.

LXD/Incus

• Implemented clustering on bare metal and virtualized environments.
• Set up mixed architecture clustering (x86_64 and aarch64).
• Configured Ceph clustering.
• Containerized proprietary applications.

Proxmox

• Implemented clustering on bare metal and virtualized environments.
• Created and maintained pfSense VM for routing and firewall purposes.
• Created and maintained OPNsense VM for routing and firewall purposes.
• Created and maintained OpenWRT VM for routing and firewall purposes.

Machine Hardening

• Machine hardening with SELinux on multiple distros.
• Apparmor deployments including on non-Ubuntu machines.

Telephony

• Phone IVR system for business with voicemail boxes for each user/department and voice-to-text conversion of messages.
• Phone call tree for on-call personnel. Calls triggered by either IVR or custom Zabbix plugin.

Forensics and Recovery

• Various Windows and Linux investigations with various tools (i.e. Autopsy, EnCase, ExifTool, FTK/Imager, OpenStego, Volatility, etc.)
• Data recovery and imaging from electro-mechanical, floppy, solid state, and other drives.
• Successfully recovered data from severely damaged electro-mechanical hard drive (took 31 days!)

Hackish

• Installed Debian GNU/Linux remotely on a RedHat Linux machine without a console (only SSH) by repurposing the swap partition as a temporary root.
• Custom (from scratch) Linux-based firewall and routing with multi-homed upstream, upstream connection load balancing, traffic flow control, filtering, and tons more.
• Way too many iPod reverse engineering and firmware hacks on the first several generations (1st gen through the early video capable ones) followed by multiple (more than you can count on one hand) cease and desist letters from Apple's lawyers - most of which were related to sharing of information learned. Let's just say I still do not like Apple even to this day. Knowledge is meant to be shared!
• Tons of reverse engineering and firmware hacking on Sandisk Sansa View.
• Custom firmware for Sony PSPs and homebrew apps.
• Several Android device rooting and installed custom firmware.
• Automated deployment (via ansible) of hashcat on AWS GPU instances for hash cracking.
• Lots of Raspberry Pi, nVidia Jetson, ESP32, Arduino, etc. -based projects.

Malware Analysis

• Mostly with ghidra and a little hexedit.

Malware Development - Educational and PoC Purposes Only!

• Various written in Bash, Perl, Python, and C.