Skip to content
View solomonneas's full-sized avatar
0 followers · 1 following

Achievements

Achievement: Pull Sharkx3Achievement: YOLOAchievement: Quickdraw

Achievements

Achievement: Pull Sharkx3Achievement: YOLOAchievement: Quickdraw

Block or report solomonneas

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
solomonneas/README.md

Solomon Neas

Network & Systems Engineer | Cybersecurity | AI Infrastructure

Lab assistant in Polk State College's Network Systems Engineering Technology department. I build security tools, network monitoring systems, and AI-driven automation on real infrastructure.

What I'm Working On

Security & Threat Intelligence

Project Description
πŸ›‘οΈ CyberBRIEF AI threat intel briefing tool. BLUF reports, ATT&CK mapping, IOC extraction, multi-source research
πŸ” Bro Hunter Threat hunting platform for Zeek/Suricata logs. Beaconing detection, DNS anomaly analysis, MITRE mapping
πŸ”¬ Intel Workbench Threat intel analysis with ACH matrix, cognitive bias checklists, evidence weighting, STIX export
πŸ“– Playbook Forge IR playbook builder with visual flowcharts, execution engine, AI generation, and SOAR integration
🏒 SOC Showcase S³ Stack portfolio: 9-tool visualization, animated data flow pipelines, architecture graphs
πŸ—οΈ SΒ³ Stack Full SOC architecture: MCP servers, detection pipelines, deployment playbooks

MCP Servers (Model Context Protocol)

Project Description
🧠 Cortex MCP Observable analysis: submit IOCs, retrieve reports, trigger response actions
πŸ›‘οΈ Wazuh MCP SIEM queries: agents, alerts, rules, decoders
πŸ”¬ MISP MCP Threat intel: search events, correlate IOCs, export STIX/Suricata/CSV
🐝 TheHive MCP Incident response: cases, alerts, tasks, observables
βš”οΈ MITRE ATT&CK MCP Map techniques, profile threat groups, analyze detection gaps
πŸ”Ž Zeek MCP Network monitoring: connection logs, DNS, HTTP, SSL
πŸ¦” Suricata MCP IDS/IPS: manage rules, query alerts, analyze traffic
πŸ”΅ Rapid7 MCP InsightVM/IDR: vulnerabilities, assets, detection rules
πŸ”΄ Sophos MCP Sophos Central: endpoints, alerts, EDR/MDR telemetry

Network & Infrastructure

Project Description
πŸ”­ Watchtower NOC dashboard with interactive topology, L2/L3 views, LibreNMS/Proxmox integration. Demo
πŸ”Œ PortGrid Switch port visualizer for LibreNMS with color-coded views and instant search
πŸ”’ ProxGuard Proxmox firewall rule visualizer with conflict detection and rule simulation
🐧 Samba AD Migration Windows AD to Samba file share migration scripts for Proxmox
πŸ” MistPortBouncer Mist/Juniper NAC port bounce automation for stuck 802.1X ports

Tools

Project Description
πŸ’» termfolio Terminal-style portfolio with interactive shell and easter eggs. Live
πŸš€ astro-portfolio Portfolio site. solomonneas.dev

Ops Deck Automation Pipeline

My dev workflow runs through an internal Ops Deck with API-first automation. It acts as a control plane for build/review/publish operations instead of disconnected scripts.

Core pipeline capabilities:

  • Social content operations

    • Draft queue management by platform
    • Approval and publish actions through API endpoints
    • Calendar sync for scheduled and published posts

  • Cron orchestration and visibility

    • Centralized cron job inventory
    • Status, next run, and failure tracking
    • Operational dashboards for scheduled automations

  • Memory system (knowledge cards)

    • Slim runtime memory index
    • Atomic knowledge cards for long-term recall
    • Semantic retrieval to pull only task-relevant context

  • Prompt library service

    • Categorized prompt storage and versioning
    • Reusable prompt execution patterns for agents
    • API access for prompt lookup in live workflows

  • Semantic indexing for code and memory

    • Local embedding-backed code search
    • Structured memory search across notes and cards
    • Retrieval-first flow for faster, lower-token operations

  • DevOps guardrails

    • Feature branch + PR workflow by default
    • Multi-layer review flow (Codex review + AI reviewers + human merge)
    • Repository hygiene automation (ignore rules, artifact cleanup, policy checks)

This setup is built for practical throughput: faster iteration, safer merges, and fewer repetitive manual steps.

Tech

  • Languages: Python (FastAPI), TypeScript (React, Next.js, Astro), SQL, Shell
  • Infrastructure: Cisco IOS/IOS-XE, Dell PowerEdge, Proxmox, Fortinet
  • Security: Zeek, Suricata, Wazuh, TheHive, Cortex, MISP, MITRE ATT&CK
  • AI: Claude, GPT, Gemini, MCP Servers, Ollama, agent workflows
  • Tooling: LibreNMS, Netdisco, Docker, Linux, Git

Connect

Popular repositories Loading

  1. solomonneas solomonneas Public

    My personal repository.

  2. portgrid portgrid Public

    PortGrid is a modern, high-density port visualizer for LibreNMS, designed to replace the legacy SwitchMap. Built with Next.js, it offers a fast, color-coded "spreadsheet view" of switch ports via A…

    TypeScript

  3. samba-ad-migration samba-ad-migration Public

    Automation scripts for migrating Windows AD file shares to Samba on Proxmox with full domain integration

    Shell

  4. watchtower-legacy watchtower-legacy Public archive

    NOC

    TypeScript

  5. watchtower watchtower Public

    SΒ³ Stack β€” Real-time NOC dashboard for enterprise network monitoring. LibreNMS, Proxmox, InfluxDB, Palo Alto.

    TypeScript

  6. termfolio termfolio Public

    Terminal-style portfolio and resume

    TypeScript