The Cipherscale Archives

Python Security Automation Projects & Blog
Contact

  • Archive Entry 009

    +

    +

    +

    +

    +

    +

    Lately I’ve noticed a trend across many cybersecurity Discords — a kind of performative caution, if you will.

    You’ll see Discord server owners — some relatively unknown, others with large followings — posting video demonstrations and tutorials on hacking tools, exploit devices, and even full attack demos. Some of these same owners or mods even charge money for “educational” access or sell devices they’ve built. All wrapped in the magic disclaimer: “For educational purposes only.”

    But when a member mentions those same concepts or techniques inside their Discord, the message gets deleted or flagged. A mod swoops in with: “Stop discussing this — it’s not legal. You’ll be banned and reported.” If that member had simply started with “For educational purposes only,” would they still have been reprimanded?

    It’s a confusing double standard, especially for newcomers trying to learn and find mentors.

    Ethical hacking thrives on open knowledge sharing. That’s how people grow — by asking questions, comparing tools, building labs, and experimenting responsibly. Yet so many communities overcorrect out of fear of appearing “illegal,” silencing the very curiosity they claim to encourage.

    Of course, moderation is necessary — but context matters. Learning red-team techniques in labs is ethical and should be openly discussed among students and professionals. Sometimes people simply need to troubleshoot a script or figure out how to configure a specific pentesting tool. That doesn’t mean they’re plotting a crime.

    Targeting real systems without consent is illegal — and that distinction is obvious. If someone says they’re attacking a live target, then yes, action should be taken.

    But when every mention of “website hacking” or “rubber ducky scripts” gets banned while discussing pentesting, we don’t protect the field — we stunt its growth. People are talking shop. You should know the difference.

    And it’s especially hypocritical when the same people enforcing silence over “illegal topics” are the ones posting questionable “educational” demonstrations for likes, followers, and sales on social platforms — videos that can easily reach millions of untrained viewers who might replicate what they see without understanding the risks, regardless of the disclaimer.

    Cybersecurity doesn’t need more fear from those of us on the same team — it needs better teachers with spaces that promote curiosity alongside ethics.

    +

    +

    +

    +

    +

    +

    +
    + , , , , , , ,

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

  • Archive Entry 008

    +

    +

    +

    +

    +

    +

    “What good is it to have a belly if there’s no fire in it? Wake up, drink your passion, light a match and get to work.”
    Simon Sinek

    When I decided to get into cybersecurity, I kept hearing the same thing over and over:
    “Start with helpdesk. Work your way up. Then think about red teaming later.”

    I get it. That’s the route a lot of great professionals took. But what happens when curiosity doesn’t wait for permission? I’m not working in the field yet, and I’m not the type to sit around waiting for the “right time” to start building skills.

    My education hasn’t been entirely self-taught either. I attended Lincoln Technical Institute, where I learned the fundamentals of hardware and software. Basically everything covered in CompTIA A+ and got hands-on experience through labs and assignments. On top of that, I earned the Google Technical Foundations and Cybersecurity certificates and completed Ethical Hacking courses that gave me experience using Kali Linux and its security tools. The Google certs might not be the biggest names in the industry, but they gave me a solid base of knowledge and the confidence to keep pushing forward. Right now, I’m studying for CompTIA Security+ to strengthen that foundation even more and earn my first industry-recognized certification.

    Along the way, I’ve taken a learn-by-doing approach. I’ve built isolated labs, detonated malware samples, programmed IoT devices for my own projects, learned Python, solved CTFs, and built my own blog and GitHub portfolio to document everything I’ve discovered. My projects came before the certifications. Not due to arrogance or a desire to skip ahead, but because I wanted to understand how things really work. I wanted to see how threats behave, not just read about them in a textbook.

    I know this approach raises eyebrows. Some professionals think if you haven’t “paid your dues” in IT, your work doesn’t count. But cybersecurity is evolving. The same internet that produces new attacks also gives us open tools, safe environments, and entire communities where anyone can learn responsibly if they’re willing to put in the time. I am. Every free second of my life is dedicated to this craft.

    +

    +

    +

    +

    +

    +

    +
    + , , , , , ,

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

  • Archive Entry 007

    +

    +

    +

    +

    +

    +

    Last week, I had my first interview with a defense contractor, and it was completely run by an AI system. No video call, no person on the other side, just me talking through prompts and logic questions with a machine. Next week, I’ll find out if I’m stepping into the next phase of their selection process and it could be life changing. Not just because of the opportunity itself, but because it represents the convergence of everything I’ve been working toward. Security, automation, cloud computing, and artificial intelligence all colliding in one direction.

    Kind of wild when you think about it. I remember being a child in the mid 90’s witnessing the birth of Windows and AOL which changed everyone’s lives. Here we are now with AI which is now doubt going to be another huge technological pivot.

    Not only am I breaking into tech but I’m doing it at a very interesting time. Cybersecurity has always been the goal, but over the past few months, it’s become impossible to ignore how much AI is shaping the field. Some seem to be very anti-AI due to the concern of job security. At one end, I understand but I also understand that the technology is here to stay and you have to learn to make it a part of your skillset or you’re going to become severely outpaced by those who master it. One of my mentors recently told me something that was very simple, but it made sense – times and technology have changed drastically and you’re either going to be good enough to make a living in this field or you’re not.

    A year ago, I was still deep in the automotive world, troubleshooting vehicles by day and studying IT fundamentals at Lincoln Tech by night. Although I still work in automotive during the day, every second away from it – I’m buried in my studies and hands on projects. I can feel a shift coming. The kind that doesn’t just change your job but changes how you see yourself. I’m excited for what’s next — I really love the work, the learning, and building. Feels like all the late nights are finally starting to connect and I can’t wait to make my mark in this field.

    +

    +

    +

    +

    +

    +

    +
    + , , , , ,

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

  • archive entry 006

    +

    +

    +

    +

    +

    +

    I’ve always loved the idea of one day getting on a red team. The allure of being an ethical hacker, the strategy, the mindset of thinking like an attacker to figure out how systems break. That was the original dream that sparked my love and passion for cybersecurity.

    At the same time, I’ve always loved coding. The mix of interests made me start exploring security from different angles, even dabbling in Blue Team basics just to see what things looked like from the defender’s side.

    Pretty quickly all of those interests started to overlap. That’s where projects like the ThreatLog Automator (a log watcher that doesn’t sleep) and the Wi-Fi Sentinel (a pocket-sized Wi-Fi scanner) came from. They’re simple tools but each one taught me something new: real-time automation, working with limited hardware and just how far you can push a few lines of code.

    Now I’m studying for an AWS Cloud certification because the future of security isn’t just on laptops or local networks anymore. More and more attacks are attacks are hitting cloud assets. Learning AWS feels like the next logical step if I want to keep building practical tools and stay close to where modern security challenges actually happen.

    Red-team dreams started the journey. Python projects kept it moving. The cloud is where I’m headed next. 🚀

    +

    +

    +

    +

    +

    +

    +
    + , , ,

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

  • Archive Entry 005

    +

    +

    +

    +

    +

    +

    I grabbed the M5Stack Cardputer a couple weeks ago and had a few ideas kicking around for what to build and finally decided on this project. It’s a tiny $30 gadget, smaller than a deck of cards with a little display and an ESP32-S3 microcontroller inside. I wanted to see if I could turn it into a self-contained tool, something that didn’t need a laptop or a terminal running in the background and that’s how Wi-Fi Sentinel came together: a pocket-sized wireless scanner that powers on, scans nearby networks, and shows everything right on its own screen in real time.

    No setup menus, no cables, nothing to launch on a computer. Just turn it on and watch networks pop up on a color-coded display: green for strong signals, yellow for medium ones and red for the faint signals. It’s simple, small and surprisingly capable for something that costs less than dinner.

    I wanted this to be more hands-on than a typical script. The idea was to make it fully autonomous, keep the info easy to read on a tiny screen and squeeze as much as possible out of limited hardware. Along the way, I ended up learning a ton about IoT development, real-time automation, and how to get creative when resources are tight.

    The Wi-Fi Sentinel runs on MicroPython using UIFlow2 APIs for the display and Wi-Fi scanning. The Cardputer ships with MicroPython firmware already baked in, so you can write Python code, drop it on the device, and it just runs — no compiling, no custom firmware needed. The code fires up the Wi-Fi module, scans for networks, shows each SSID with its signal strength and a color status, then refreshes automatically every few seconds. The whole thing fits in just a few dozen lines.

    Right now, Wi-Fi Sentinel sticks to scanning and visualization, but there’s a lot of room to grow. It could log data for signal mapping, add timestamps and GPS for location tracking, or even throw alerts when unknown networks appear. What started as a small project has already sparked bigger ideas in security automation and portable systems.

    The whole project is open source on GitHub for anyone curious about IoT hardware, MicroPython scripting, or real-time wireless analysis. It’s a tiny device with big ambitions and this is just the start.

    View on GitHub

    +

    +

    +

    +

    +

    +

    +
    + , , , ,

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

  • Archive Entry 004

    +

    +

    +

    +

    +

    +

    There’s something about the quiet hours when the rest of the world goes offline. My screens stay lit, lines of code glowing back at me, and I find myself chasing ideas that start small and somehow grow into actual projects. This one began with a simple thought: logs are always talking. Who’s listening? Every failed login and every sudo command sit buried inside endless lines of text. Most people ignore them until something breaks. I wanted to build a little tool that doesn’t sleep, one that keeps an eye on things even when I’m not around, and that’s how ThreatLog Automator came to life.

    It started as a weekend experiment to see if I could write a Python script to monitor system logs in real time. I wanted something light and simple with no giant security platforms and no complicated setup. Just Python, a log file, and some curiosity. The final script ended up with three main pieces. Follow Mode keeps watch in real time and spots suspicious events as soon as they happen. Replay Mode runs through old logs when you want to review the past. A lightweight SQLite database stores every alert so nothing gets lost. That’s all it takes. One script, a small database, and you have a basic log monitoring system.

    Like most projects, this one taught me things I didn’t expect. Late-night debugging builds real problem-solving skills fast. SQLite turned out to be perfect for small security tools because it is lightweight and simple to set up. And projects tend to grow quickly when you keep adding one more thing after each success. Right now, ThreatLog Automator just flags failed logins and sudo commands, but I’m already thinking about adding email or Slack alerts for real-time notifications, a simple web dashboard for browsing past alerts, and more event types for wider coverage. Each small step teaches me something new.

    The code is up on GitHub under ThreatLog Automator. If you like building things with Python or experimenting with security automation, take a look. Maybe it will spark your own late-night project.

    View on GitHub

    +

    +

    +

    +

    +

    +

    +
    + , , , ,

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

  • Archive entry 003

    +

    +

    +

    +

    +

    +

    When I first started learning Python and exploring cybersecurity, I didn’t have a five-year plan or some grand vision. I just like writing and debugging code to make them work. Late at night, I’d be hunched over my screen trying to figure out why my script kept throwing errors or why my log parser wasn’t catching what I expected.

    There’s no paycheck tied to it. No boss asking me to learn this stuff. It was just me, my curiosity, and a blinking cursor daring me to keep going and somewhere in those long nights, I realized something important: curiosity lasts longer than comfort.

    I’ve seen a lot of people jump into tech because of the headlines about salaries or remote work. And there’s nothing wrong with wanting stability — we all do. But if the only thing pulling you forward is the promise of a paycheck, it’s hard to keep going when the work gets tough, when the errors won’t fix themselves, or when progress feels slow.

    For me, learning Python resonated with me because it wasn’t about chasing something. It was about building things I didn’t know I could build. Automating repetitive tasks. Writing a script to sift through logs while I slept. Watching something I created actually work.

    That curiosity has kept me going far longer than any job description or salary range ever could.

    And maybe that’s the real secret to this field: passion doesn’t just make you better at what you do — it keeps you in the game when others burn out. Your portfolio grows. Your skills deepen. And when the right opportunity comes along, you’re ready. Until then, enjoy the process.

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

  • Archive entry 002

    +

    +

    +

    +

    +

    +

    how python changed my direction

    When I first stepped into cybersecurity, my sights were set on SOC Analyst roles. I wanted to learn log analysis, threat detection, and incident response—the classic Blue Team path. I built a home lab, studied security workflows and started blogging my journey so others could learn alongside me.

    But there was one skill I brought with me from the start – Python. I originally learned programming out of curiosity and in many ways, it’s what inspired my shift into cybersecurity in the first place. I loved seeing my own scripts come to life, watching lines of code turn into something functional and useful.

    As I looked at other analyst’s resumes and experience, one thing stood out – Python was often treated as an afterthought, left off to the sidelines or neglected altogether. Despite its ability to automate repetitive tasks and dramatically cut response times, it was rarely at the center of most workflows.

    That realization pushed me to pivot. Instead of only learning how to respond to threats manually, I began focusing on building tools that can detect, analyze, and respond automatically. Security automation became the bridge between my programming skills and my growing cybersecurity knowledge and it’s now the focus of my career path.

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

  • Archive Entry 001

    +

    +

    +

    +

    +

    +

    I created The Cipherscale Archives to document my journey throughout my new career in cybersecurity. I could have just created a GitHub and left it at that but I really wanted a way to revisit my thoughts as I progress and being able to share the experience while connecting with others who may be considering this path in life felt like a much better option.

    Here’s what you can expect from this blog:

    • Blue Team Projects & Tools – Scripts, SIEM experiments, and defensive security labs for threat detection, log analysis, and incident response.
    • SOC Analyst Journey – Personal notes on learning malware analysis, handling alerts, and simulating real-world security incidents in a home lab.
    • Incident Response & Threat Detection Guides – Walkthroughs of investigating alerts, analyzing logs, and detecting common attack techniques.
    • Defensive Security Resources – Curated lists of Blue Team tools, training platforms, books, and learning paths for aspiring SOC analysts.

    Whether you’re here to pick up new knowledge, follow along with my projects or just explore the ideas I’m passionate about, I’m glad you found your way here.

    Thanks for reading and welcome to The Cipherscale Archives.

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +

    +