Security Tools + Checklists + Automation

Practical Security Systems for Websites, DNS, Cloud, and Automation

I build practical security checklists, automation scripts, and evidence workflows for small technical teams that need to harden websites, DNS, cloud accounts, and operational systems without enterprise theatre.

Cloud security · DNS recovery · WordPress hardening · DFIR readiness · SecDevOps automation · AI prompt security

Myles Agnew, cyber security practitioner and tool builder
18+
Years in Tech
7
Open-Source Tools
4
Security Domains
0
Enterprise Theatre

Who uses these tools

Small technical teams

Teams without a dedicated security engineer who need to get cloud, DNS, and website hardening done without over-engineering it.

MSPs and web agencies

Agencies managing client infrastructure who want repeatable checklists, DNS backup tooling, and security baselines for client onboarding and reviews.

Solo operators and home lab builders

Practitioners who want automation scripts, evidence workflows, and reusable templates for running security work at their own pace.

Start with a practical security checklist

Practical checklists for teams that want to improve security without turning every problem into a consulting engagement.

Cloudflare + Website Security Baseline

A practical checklist for reviewing DNS, Cloudflare, WordPress, security headers, backups, and admin exposure.

Get Checklist →

DNS Backup and Recovery

A checklist for making DNS records versioned, recoverable, and auditable before a bad change or account issue causes downtime.

Get Checklist →

AI Agent Prompt Security

A starting checklist for reviewing AI-agent prompts, tool access, risky instructions, and CI-friendly prompt checks.

Get Checklist →

Featured Security Tools

Practical tools and automation projects built to make useful security work repeatable, recoverable, and easier to operate.

cloudflare-backup Shell ⭐ 1

Automated Cloudflare DNS record backup script. Keep DNS configuration versioned and recoverable without manual exports.

Use case: Version and recover DNS configs before client migrations or account restructuring.

View Tool →
promptgenie Python ⭐ 1

Prompt linting, static risk scanning, testing, and CI workflows for safer AI-agent prompt pipelines.

Use case: Integrate into CI pipelines to catch risky agent prompts before they reach production.

View Tool →
github-backup Shell

Bash scripts that snapshot every GitHub repository owned by an account. Off-platform backup for your entire GitHub presence.

Use case: Off-platform backup before account restructuring or platform incidents.

View Tool →
dns-blocklists Text ⭐ 1

Curated DNS blocklists for Pi-hole and similar resolvers. Blocks ads, trackers, and malicious domains at the network level.

Use case: Network-level blocking for home labs, small office, and MSP client networks.

View Lists →
n8n-json Python

Ready-to-import automation workflows for security alerts, notifications, and operational pipelines.

Use case: Drop-in automation for security alerts, notifications, and operational reporting.

View Workflows →
poc_opencti Shell ⭐ 1

Complete Docker deployment for OpenCTI as a proof of concept. Spin up a full threat intelligence platform for home lab or evaluation.

Use case: Spin up a threat intel lab for evaluation or home lab research.

View Deployment →
casaos-installation-deb13 Shell ⭐ 2

Quick Bash script to install CasaOS on Debian 13. Streamlines self-hosted home lab setup with a clean, reproducible approach.

Use case: Reproducible home lab setup on commodity Debian 13 hardware.

View Script →

Productized security systems in progress

I'm building tools that turn repeated manual security work into reusable systems, templates, and evidence packs.

Security Evidence Pack Generator

Concept

Generate branded, client-ready evidence packs from structured security inputs, screenshots, and implementation notes.

Join Waitlist →

Website Security Baseline Generator

Planned

Turn website, DNS, Cloudflare, and WordPress review inputs into a practical security baseline report.

Get Updates →

Security Automation Template Library

Building

Reusable n8n, Bash, Python, GitHub Actions, and documentation templates for lightweight security operations.

View Tools →

Security areas I build for

The focus is practical security tooling: repeatable workflows, checklists, evidence systems, and automations that reduce real operational risk.

☁️

Cloud Security Automation

Tools and templates for cloud baselines, exposure reduction, configuration checks, and repeatable review workflows across AWS, Azure, and GCP.

🌐

Web & WordPress Hardening

Checklists and automation for Cloudflare, headers, backups, plugin risk, and practical website security baselines.

📡

DNS Backup & Recovery

Utilities for making DNS changes versioned, auditable, and recoverable before something breaks.

🔍

Incident Readiness

Templates and workflows for logging, endpoint visibility, first-hour response, and operational readiness before a real incident forces the issue.

🛡️

Security Evidence Packs

Productized reporting and evidence-pack systems for repeatable security delivery and client-ready documentation.

🤖

AI Prompt Security

Prompt linting, risk scanning, CI checks, and safer AI-agent workflow patterns to reduce prompt injection and trust boundary risk.

Building practical
security systems

I'm Myles — a cyber security practitioner and tool builder based in Sydney, Australia.

I build practical security utilities, automation workflows, and repeatable templates for cloud, web, and operational security. My bias is toward tools that reduce real risk, make recovery easier, and turn manual security work into systems that can be reused.

I'm most interested in secure-by-default infrastructure, DNS and web hardening, incident readiness, evidence packs, and security automation that helps small teams operate with more confidence. I've spoken at WordCamp Brisbane, run cloud security tooling across AWS, Azure, and GCP, and been in the trenches with Cloudflare, Splunk, and Velociraptor.

When I'm not building security tools, you'll find me surfing, snowboarding, mountain biking, or on the back of a motorbike. Dad. Tech geek. Coffee addict. In that order.

Reduce real risk Make recovery boring Keep systems observable Automate repeatable work Prefer practical controls Avoid security theatre
Cloud Platforms
AWS Azure Google Cloud DigitalOcean Cloudflare Linode
Security Tooling
Splunk Pi-hole Bitwarden Velociraptor Cisco Ubiquiti
Infrastructure & DevOps
Docker Kubernetes Terraform Ansible Nginx Apache
Languages & Scripting
Python Bash PowerShell HTML5

From the blog

Get security tool updates

Get practical security checklists and early access to tools I'm building for website, DNS, cloud, and automation hardening. No enterprise theatre, no fluff.

Please do not include passwords, secrets, client data, or sensitive credentials. No spam — unsubscribe any time.