Projects

⚙ On the Clacks ⚙

GNU Terry Pratchett ~ The code is never dead if it's still running somewhere

Simulation environments

Simulation environments, built for red team exercises and CTF challenges. Network zones separated by deliberate, exploitable boundaries. Vulnerabilities are properties of the simulated systems, not configuration options. Consequences emerge from what players actually do.

ICS access and persistence SimLab
ICS SimLab (In dev)

Notes and research

Notes built up through labs, CTF challenges, researching, and the thinking that follows. Traces of how understanding develops: what broke, what that revealed, and what it connects to. Organised by colourful domain.

Purple Lantern Practice Ltd.
Purple crossroads
Privacy playground
Privacy greenhouse
Unseen University Power & Light Co.
Red tradecraft
The Home for Bewildered Beasts of Legend
Defence blues
The patrician surveys the chaos
Indigo observatory

Audit notes

Real security comes first; audits merely verify what is already there. These notes help with post-work checks to spot gaps, strengthen defences, and catch what might have slipped through. Useful checks, not a compliance shortcut.

Resilient factory
The ISO 22301 resilient factory
Factory fortress
The IEC 62443 fortress factory
The NIS2 river crossing
The NIS2 river crossing
Organisational risk audits & resilience assessments
Organisational risk audits & resilience assessments
The ISO 27001 mountain expedition
The ISO 27001 mountain expedition