Skip to content
View 0xCardinal's full-sized avatar
πŸ€™
πŸ€™
21 followers · 21 following

Achievements

Achievement: Pull Sharkx2Achievement: QuickdrawAchievement: YOLOAchievement: Pair Extraordinaire

Achievements

Achievement: Pull Sharkx2Achievement: QuickdrawAchievement: YOLOAchievement: Pair Extraordinaire

Block or report 0xCardinal

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
0xCardinal/README.md

Hey there πŸ‘‹ I'm Kumar Ashwin

πŸ›‘οΈ Cloud & Supply Chain Security | πŸ” Usable Security Advocate | 🧠 AI + Automation Enthusiast

GitHub Streak Stats

πŸš€ About Me

> whoami
Security Engineer | Builder | Trainer | Hacker-in-Residence

I'm a hands-on security engineer focused on solving real-world problems with code, context, and creativity. I enjoy building tools, teaching practical security, and shaping secure systems across development pipelines and cloud-native environments.

  • πŸ› οΈ Working at the intersection of code, infra, and security
  • πŸ“š Regularly speak & train at conferences like BlackHat, DEFCON, x33fcon, and Nullcon
  • πŸ§ͺ Building hands-on labs and CTFs
  • πŸ€– Exploring AI-powered automation to reduce toil for security teams
  • πŸ” Helping teams scale secure engineering practices without slowing down developers

πŸ” Areas of Focus

  • ☁️ Cloud Security β€” Misconfigurations, IAM, least privilege, Resilience
  • πŸ”„ Supply Chain Security β€” From Developer to Deployment
  • βš™οΈ Automation β€” Tooling, Pipelines, Remediation, Zero Touch
  • 🧠 Security Enablement β€” Usability, Secure defaults, Guidance

🧰 Tech Stack

AWS Python Go Docker GitHub Actions Linux Bash Burp Suite JavaScript Cloudflare Postman Kubernetes

🧭 Guiding Principles

  • Break it until you understand it.
  • Design for defenders, not just auditors.
  • Build secure systems that's usable.
  • Good security scales, teaches, and disappears.

πŸ“¬ Get in Touch

Working on something at the crossroads of security engineering, automation, or hacking something?
Ping me on LinkedIn or X β€” always up for a good security chat.

Pinned Loading

  1. CeWLio CeWLio Public

    A powerful Python-based Custom Word List Generator that crawls web pages with JavaScript support to extract words, emails, and metadata for security testing and research.

    Python

  2. covert-canary-detection covert-canary-detection Public

    This repository details various methods to identify canary tokens without triggering them.

    Python 1

  3. madhuakula/kubernetes-goat madhuakula/kubernetes-goat Public

    Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground πŸš€

    HTML 4.9k 816

  4. redhuntlabs/Project-Resonance redhuntlabs/Project-Resonance Public

    52 14

  5. NotSoSecure/cloud-sec-wiki NotSoSecure/cloud-sec-wiki Public

    Jekyll Files for cloudsecwiki.com

    CSS 50 21

  6. license.wtf license.wtf Public

    Wait… should I MIT this or GPL it?

    HTML