Skip to main content

Ideas

·3 mins
Table of Contents

Things I want to build, explore, or think through. No promises, no deadlines.

Security & Hacking #

  • Bad USB — build and document attacks; understand what’s actually happening at the firmware level
  • OWASP Juice Shop — already built JuiceSec as a lighter version; go deeper with the real thing
  • OWASP MASTG — Mobile Application Security Testing Guide; pair with the APK analyser work
  • WarGames / OverTheWire — wargame platforms; structured practice rather than ad hoc
  • Zeek / Suricata — deploy, generate traffic, write rules, understand what the alerts actually mean
  • Reverse engineeringAzeria Labs ARM tutorials, then x64dbg; document what breaks first
  • Wi-Fi PineappleHak5; test in a controlled environment, write up the findings
  • PowerShell for HackersI-Am-Jakoby’s repo + obfuscation techniques
  • URL fuzzingTero Karvinen’s guide; hidden directories, common misconfigurations
  • Flash cards — build a deck for cert/interview prep; something spaced-repetition friendly

Systems & Networking #

  • DD-WRT / OpenWRT — flash a router, configure, document what’s possible vs. stock firmware
  • pfSense — deploy as a VM or on hardware; build a lab network behind it
  • LineageOS / GrapheneOS / /e/OS — de-Google a device; compare the three approaches and what each actually changes
  • Linux From ScratchLFS — an old favourite. Build it again, write it up properly this time

Coding & Challenges #

  • Advent of Codeadventofcode.com — use it to learn a new language properly, not just solve it in Python
  • The Odin Project — structured web development curriculum; do it if the vibecoding frontend work starts feeling shaky
  • Project Euler / Kata / Leetcode — choose one and go deep rather than skimming all three
  • New language — pick one (Rust? Go? something else) and use AoC or Euler as the vehicle

Writing & Publishing #

  • 100 posts on Mastodon — consistent, public, short-form; different muscle than blog posts
  • TiddlyWikimrdee.tiddlyhost.com — figure out what actually belongs there vs. here
  • Digital GardenTom Critchlow’s framing is the right one; think about what this would look like for security writing
  • NaNoWriMo — 50,000 words in November. Probably fiction. Possibly terrible. Worth trying once.
  • Self-hosted journalkevquirk/journal; evaluate whether it solves anything this blog doesn’t already solve
  • Wikipedia project — follow a featured article through its history; understand what makes one work, whether the pattern holds across different topics

Analysis & Research #

  • Wars, operations, battles — pick one conflict, go deep: primary sources, maps, decisions, counterfactuals
  • Cricket match analysis — scorecards as data; what’s actually predictive, what’s noise
  • Browser performance measurement — uBlock Origin vs. Privacy Badger vs. nothing; measure with Selenium; quantify the difference in page load, requests blocked, data transferred
  • Books from EiE & TSATU — work through the reading lists; write up the ones that land
  • Mental models & security analogies — map security concepts to things non-security people already understand; sketch, not slides

Vibe Coding Backlog #

  • Mastodon bot for Kannada poetry — 945 Mankutimmana Kagga verses collected, bot not yet written
  • APK analyser v2 — proper JADX integration, cleaner architecture
  • curl notes — source reading is happening; the writing isn’t keeping up
  • Snippet bot — post short, useful code or text snippets on a schedule; platform TBD
  • Emacs / Org-mode — spend a month using it seriously before forming an opinion

Last updated April 2026. The list grows faster than it shrinks. That’s probably fine.