Hey It's Sam 👋

Cybersecurity | Network Operations | Infrastructure Engineering

I’m a technology-driven practitioner focused on building secure, scalable, and high-performance systems. I like clear architectures, strong defaults, and automation that removes busywork.

This website is entirely self-hosted and deployed on my own hardened server—similar to the private VPN architectures I design. I care about reliable ops, good monitoring, and docs that future-me actually reads. 🛠️

🧰 Core Competencies

  • 🌐 Network Operations: TCP/IP, VLANs, VPNs (OpenVPN, WireGuard), DNS, DHCP, Syslog, SNMP
  • 🛡️ Cybersecurity: Zero Trust, SSL/TLS, BitLocker, certificate lifecycle, SSH hardening
  • 🗄️ Infrastructure: VMware vSphere, Dell EMC Unity, VPS configuration, OS hardening
  • 👤 Identity & Access: Active Directory, GPO, Intune MDM, OKTA SSO
  • 📈 Monitoring: PRTG, Meraki insights, log analysis & traffic diagnostics

🚀 Featured Project

Self-Hosted Portfolio Platform

  • ☁️ SamNet Cloud Drive: TLS, at-rest encryption, Redis locking, rotating backups.
  • 🤖 SecOps Assistant: On-site AI helper (Fast/Pro modes) with retrieval for my docs & playbooks.
  • 📡 Speed Test (DFW): Home-lab hosted test with live throughput and latency.

Private VPN Architecture on VPS

  • 🔒 Strong Auth & Crypto: Certificate-based auth, modern ciphers, PFS.
  • 🌐 Protocols: OpenVPN, WireGuard, IPsec (mobile and site-to-site).
  • 🧩 Smart Routing: Split/full-tunnel policies, DNS routing, DNS-over-TLS where appropriate.
  • 🧱 Defense-in-Depth: Firewall least privilege with clean default deny.
  • 📊 Observability: Health checks, logs, alerts, and dashboards.

🧠 Technical Proficiency in Practice

Hands-on across production and lab environments, with a bias for clean configs and observability:

  • 🧱 Virtualization & Infrastructure: I maintain VMware clusters, manage Dell EMC Unity storage (LUN/iSCSI provisioning, snapshots/replication), and script repeatable builds. Most tasks are IaC-style—Bash and templated configs to remove manual steps and keep environments consistent.
  • 🔒 Secure Networking: I design segmented networks and VPNs (IPsec/WireGuard/OpenVPN) with deny-by-default firewalls, DNS filtering, and IPv6 where appropriate. Health checks and SNMP traps feed into dashboards so routing changes or link issues surface quickly.
  • 🖥️ System & Endpoint Security: Full-disk encryption via BitLocker, certificate lifecycle management (ACME automation), OS hardening, and secure remote access. AD + GPO/Intune baselines standardize key settings across fleets.
  • ☁️ Cloud-Integrated Identity: Hybrid identity with OKTA SSO, Intune, and Azure services. Conditional access (MFA, device compliance) and sensible session policies keep UX smooth while tightening risk posture.
  • 📊 Monitoring, Analysis & Logging: PRTG sensors for availability/bandwidth, Meraki insights, and Syslog aggregation into ELK for auth/audit trails. Alerts are tuned for signal over noise with playbooks to cut MTTR.

🧩 SamNet Tool Utilities

A living toolbox for security, networking, and ops. Quick WHOIS/DNS lookups, encoders & hashing, IP/CIDR helpers, and more—added regularly.

Open Tools
🔎 WHOIS & DNS 🔐 Hash & Encode 🌐 IP / CIDR 🧪 Connectivity Checks 🗜️ Text Utils

Network Lookups

WHOIS, DNS records, PTR checks, and quick IP info to triage issues fast.

Security Helpers

Base64/hex, hashing, and small validators for headers and configs.

Ops Utilities

Formatters, converters, and mini-scripts that reduce repetitive toil.

🔓 Open Source

Security and networking tools — open source, self-hosted, built for real-world use.

GitHub Gitea Mirror ❤️ Donate

paqctl

One-click encrypted raw-socket proxy installer. Supports paqet (Go/KCP) and GFW-knocker (Python/QUIC) backends.

MTProxyMax

Full-featured MTProto proxy manager with multi-secret support, Telegram bot, monitoring, and auto-recovery.

Conduit Manager

Automated tunnel and proxy setup — WireGuard, IP6, GRE, reverse tunnels with interactive menu.

Torware

Tor network deployment toolkit — hidden services, relay setup, bridge configuration, and traffic routing automation.

Mini-Projects

SamNet Live Radar (ADS-B)

SamNet Live Radar ✈️

ADS-B 1090MHz • tar1090-style tracking • Self-Hosted

Real-time aircraft Live altitude bands Privacy-first feed

Self-hosted ADS-B receiver tracking aircraft over DFW in real-time via Raspberry Pi and RTL-SDR.

Open Live Radar View Stats
SamNet SecOps Assistant

SamNet SecOps Assistant 🤖

Fast (8B) • Pro (70B) • Retrieval

GPT-style help Linux & NetSec Retrieval

Assistant for Linux hardening, networking, incident response, and SamNet projects.

Open Assistant
SamNet Speed Test (DFW, TX)

SamNet Speed Test (DFW, TX)

Self-Hosted • Raspberry Pi 4B • No CDN

Bandwidth Latency

Real-world bandwidth & latency test from my DFW home lab.

Open Speed Test
Network Monitoring & Analytics

Network Monitoring 📊

Live Infrastructure • Analytics Dashboard

Uptime Privacy-first

Live server health dashboard and privacy-preserving view of HTTP activity (success rates, actor diversity).

Site Stats HTTP Analytics
SamNet Web Terminal

SamNet Web Terminal ⌨️

Browser TTY • WebSocket • Sandbox

Interactive Sec-aware Utilities

A clean, keyboard-first terminal in the browser for quick demos, and CLI experimentation in a sandboxed environment.

Open Terminal
SamNet Honeypot

SamNet Honeypot 🍯

Cowrie • FastAPI • Docker • GeoIP

Cyber Deception Live Attack Map Threat Intel

Live SSH honeypot tracking real-world attacks. Visualizes global threat data, password attempts, and attacker geolocation in real-time.

Open Honeypot
SamNet Cloud Drive

SamNet Cloud Drive ☁️

Nextcloud • HTTPS • WebDAV • 2FA

Sync & share Encrypted Rotating backups

Private Nextcloud with TLS in transit, LUKS-at-rest, Redis locking, and automated rotating backups.

Open Cloud
SamNet WG - WireGuard VPN Manager

SamNet WG

WireGuard • Docker • TUI • Web UI

Zero-Touch VPN TUI + Web UI Temp Peers

Complete WireGuard VPN management. One script deploys TUI, Web UI, QR codes, temporary peers, and data limits.

View Details
Nginx Security Hardening

Nginx Security Hardening

HSTS • CSP • TLS • Secure Headers

Hardened TLS CSP & HSTS

Best-practice snippets for HTTP/2, strict TLS, HSTS, CSP, and defensive headers.

View Details

📝 Blog & Learn

Tutorials, deep dives & homelab write-ups

Step-by-step networking guides, security hardening walkthroughs, infrastructure builds, and personal project write-ups. Browse by category or dive straight in.

Networking Security Infrastructure Blog
Browse all tutorials
Networking VLANs, VPNs, proxy panels, DNS & routing Infrastructure Self-hosting, Nextcloud, speedtest builds, Docker Blog & Projects ADS-B radar, personal builds & case studies
Each category has its own page. Pick a subject and start learning.

Quick Check

Instant answers — no clicks, no signups

🌐
What's My IP
Public IP & location
🖥️
Screen Resolution
Display size & pixel ratio
Download Speed
Quick bandwidth test
📍
My Location
IP-based geolocation
🔧
My User Agent
Browser & OS string
🛡️
VPN Leak Test
IP, DNS & WebRTC check
🚀
Speed Test
Download, upload & ping

✉️ Get in touch

If you’d like to connect, collaborate, or know more about my work, feel free to reach out.