☕ Dark Roast Cyber LLC

View my Dark Roast Cyber company website.

Flash Notice: Axios npm compromise

Malicious versions [email protected] and [email protected] were briefly published on npm on March 31, 2026 with a trojanized dependency. This repository's checked-in package-lock.json currently has an empty packages object and does not show an Axios install, but any machine that installed those versions should be treated as potentially compromised.

Review Remediation Notes Axios Post-Mortem

Welcome ☕

We have a lot to protect and it is hard work. It is recommended that you brew a cup of coffee to enjoy while accessing this site. It dramatically improves the experience on the web. 😉

In the rapidly evolving landscape of Cybersecurity, our work demands persistence, proactivity, and collaboration. I truly believe that you don’t need to work at the same company to be on the same team.

What This Site Is About

Featured Resources

The best entry points for secure AI usage, agentic systems, and software supply chain defense.

Secure Package Management

Hardening NPM and Python dependencies against supply chain attacks. Protect your builds from Shai-Hulud, TeamPCP, and other emerging threats.

View Security Guide →

🔒 Zero Data Retention Endpoints

Real-time catalog of OpenRouter ZDR-compliant AI models that guarantee no data storage. Perfect for sensitive and confidential prompts.

View ZDR Models →

🤖 Latest: Mastering Agentic Prompting

Advanced techniques for building AI systems that can reason, plan, and execute complex tasks autonomously. Combining insights from Cerebras GLM 4.6 and Google Gemini 3.

Explore Guide →

Recent Highlights & Research

A more opinionated collection of current projects, experiments, and conference material.

🤖 DIY Agentic Security

Building your own security tools with AI. Guides on Agentic SOC architecture, LLM stacks, and pipelines.

Agentic SOC LLM Stack OpenWebUI Pipelines

🛡️ GenAI Inference Security

Protecting your AI infrastructure. Implementing guardrails for LLM inputs and outputs.

Llama Guard Token Guard

💻 Secure Local Models

Best practices for running LLMs locally and securely on your own hardware.

Scanned Models LLM Security vLLM Guide

🦠 AutoIT Evasion & Malware

Research on detecting AutoIT malware and emulating evasion techniques.

Detection (GitHub) Emulation (GitHub)

🌍 OpenWebUI Community

Check out my models, filters, and manifold pipes for the OpenWebUI community.

Visit Profile →

🌵 CactusCon 2025

Did you miss the event? Catch up on the materials and presentation decks.

View Materials →

Knowledge Base & Resources

Explore the broader collection of guides, cheat sheets, research, and project write-ups across the site.

🛡️ Information Security

Comprehensive technical guides and cheatsheets for Splunk, LogScale, and KQL. Dive into rule creation with Sigma, YARA, and Snort/Suricata to build robust defenses.

🐺 Threat Hunting & Intel

In-depth research on APTs and malware analysis. Strategies for proactive threat hunting, including deep dives into Qakbot and other adversaries.

💻 Dev & Projects

A collection of scripts, tools, and open-source projects. From Python automation and Docker integrations to fun projects like ParetoPi.

🤖 Machine Learning & AI

Navigating the intersection of AI and Security. Resources for securing LLMs, deploying local AI stacks, and building Agentic SOC architectures.

🎓 Interview Resources

Guidance for professionals at every stage. Cheatsheets and interview prep for Security Engineering, SOC roles, and Threat Hunting positions.

From the very start of my career, I have always found myself the beneficiary of those taking time to create collections of resources, cheatsheets, and guides for various technologies I've worked with. I want to do the same for others through this simple site.

Connect with me:

About Me public(AT)christiant.io PGP Key