  • Ho Chi Minh City, Vietnam
dannyota/README.md

Hey, I'm Danny 👋

Security engineer who writes the tools I need and open-sources them when they might help someone else. Mostly Go, C, and Python.

🛠️ Security as Code

CLIs that turn live SIEM and EDR platforms into code you can git diff:

  • secops — operate Google SecOps (Chronicle SIEM + Siemplify SOAR) as code — pull detection rules, parsers, dashboards, and SOAR playbooks into files, review the diff, push back
  • s1ctl — operate SentinelOne Singularity as code — agents, policies, exclusions, threat lifecycle, remote shell
  • splunkctl — operate Splunk Enterprise SIEM as code — SPL search, detection-as-code YAML, alerts, dashboards, indexes

All three ship with machine-readable command trees and embedded agent guides — built for both humans and AI agents.

📜 Regulatory AI

Evidence-only RAG + MCP servers that hand your AI exact legal provisions — no hallucination, no paraphrasing:

  • banhmi — Vietnamese banking & fintech regulation (State Bank of Vietnam, Ministry of Justice)
  • laksa — Malaysian banking & fintech regulation (Bank Negara Malaysia, Securities Commission)

📦 Go SDKs

Small, focused clients for security and cloud platforms — each one go get-able straight off danny.vn/…:

| Package | Platform |
|---|---|
| s1 | SentinelOne Singularity — agents, policies, threats, remote shell |
| secops | Google SecOps — Chronicle SIEM + Siemplify SOAR |
| fortigate | FortiGate firewall REST API |
| fortimgr | FortiManager FlatUI API |
| nessus | Tenable Nessus scanner (read-only) |
| vngcloud | VNG Cloud IAM |
| kaggle | Kaggle API — kernels, datasets, token introspection |

🔬 Security Research

  • offthebook — memory-only Windows PE execution via SMB-over-QUIC SEC_IMAGE loading, with position-independent shellcode in pure C (MSVC + Clang)

🔧 Other Tools

  • byway — transparent per-app VPN bypass on Linux using cgroup v2 + nftables + policy routing
  • flowcvcli — drive a FlowCV résumé from the command line or Python — content, design, templates, avatar, publish & PDF export

More at danny.vn.

Popular repositories

  1. offthebook (Public)

    Research notes and code for memory-only Windows PE execution, loader-state reconstruction, and SMB-over-QUIC SEC_IMAGE loading.

    C 2 1

  2. banhmi (Public)

    Evidence-only RAG + MCP server for Vietnamese banking & fintech regulation — exact Điều/Khoản citations, validity status, and official government source links for your own AI. No hallucination.

    Go 1

  3. secops (Public)

    Operate Google SecOps (Chronicle SIEM + Siemplify SOAR) as code — a Go CLI and unofficial SDK

    Go 1

  4. dannyota (Public)

    danny.vn — personal site and GitHub profile README

    HTML

  5. ent (Public)

    Forked from ent/ent

    An entity framework for Go

    Go

  6. fortimgr (Public)

    Unofficial Go SDK for FortiManager FlatUI API. Use at your own risk.

    Go