I'm a Network & Systems Engineer / Teaching Lab Aid focused on cybersecurity, network observability, and AI infrastructure. I build SOC tooling, MCP servers, and agent workflows that run on real production gear, not toy demos. I write about it at solomonneas.dev/blog.
US based in Tampa, FL, near the beach.
- 👨👧 Father, retired chef of 17 years, OSS contributor, and beach lover when I'm not on a screen.
- 📜 M.S. Cybersecurity Intelligence & Information Security at the University of South Florida.
- 🛡️ Building open-source SOC + threat intel tooling on bare-metal Proxmox.
- 🤖 Deep in multi-agent orchestration, MCP servers, and detection engineering.
- 🪢 n8n enthusiast, wiring up self-hosted automation for intel pipelines, monitoring, and SOC ops.
- 🧭 Currently exploring self-hosted AI stacks, network observability, and incident response automation.
- 🗣️ Ask me about Proxmox, network monitoring, MCP servers, OpenClaw, agent orchestration, and open-source SOC.
- ⚙️ Big believer in open source, dogfooding everything, and writing it down so the next person doesn't have to figure it out.
- 🫶 If my work helped you, buy me a coffee or tip on Ko-fi.
- 📫 Reach me at me@solomonneas.dev · LinkedIn · X
Some of the projects I've built and maintain:
OpenClaw & Dev Tools
- 🔍 code-search-api - Local semantic code search with Ollama embeddings, SQLite, hybrid search, and LLM summaries.
- 🦞 solos-cookbook - Opinionated, dogfooded guide to running a 24/7 multi-agent AI stack on bare metal.
- 🍳 solo-mise - Mise en place for the cookbook: agent profiles, content scrubber, handoff, and memory ingester.
- 📊 usage-tracker - Token usage and cost analytics for OpenClaw sessions across models.
- 📚 prompt-library - Dual-mode prompt management with browse/copy UI and a REST API for sub-agents.
- 🛂 content-guard - Policy-driven content scanning and publish checks.
- 🩺 memory-doctor - Maintenance CLI for the Claude Code and OpenClaw memory systems.
Security & Threat Intelligence
- 🛡️ cyberbrief - AI threat intel briefings with BLUF reports, ATT&CK mapping, and IOC extraction.
- 🔍 bro-hunter - Threat hunting for Zeek and Suricata logs with beaconing detection and MITRE mapping.
- 🔬 intel-workbench - Threat intel analysis with ACH matrices, evidence weighting, and STIX export.
- 📖 hotwash - SOC playbook parser with mermaid diagram generation and Wazuh alert ingestion.
- 🏗️ soc-stack - Full SOC architecture covering MCP servers, detection pipelines, and deployment playbooks.
MCP Servers
- 🧠 cortex-mcp - Observable analysis for IOCs, reports, and response actions.
- 🛡️ wazuh-mcp - SIEM access for agents, alerts, rules, and decoders.
- 🔬 misp-mcp - Threat intel search, IOC correlation, and STIX/Suricata/CSV export.
- 🐝 thehive-mcp - Incident response workflows for cases, alerts, tasks, and observables.
- ⚔️ mitre-mcp - MITRE ATT&CK technique mapping, threat group profiling, and detection gap analysis.
- 🔎 zeek-mcp - Network monitoring access for connection, DNS, HTTP, and SSL logs.
- 🦔 suricata-mcp - IDS/IPS workflows for managing rules, querying alerts, and analyzing traffic.
- 🕸️ maltego-mcp - Maltego graph authoring and OSINT lookups for whois, DNS, ASN, and crt.sh.
- ⚙️ n8n-ops-mcp - Ops control for n8n workflows, validation, and execution lifecycle.
- 📮 postiz-mcp - Postiz social scheduling control with full public-API coverage, env-gated writes, and a 30/hr rate-limit guard.
- 🧱 adguard-mcp - AdGuard Home control with 28 tools across read, safe-write, and destructive tiers.
- 🖥️ proxmox-mcp - Proxmox VE control with 12 tools for container/VM lifecycle, snapshots, and backups.
- 📡 librenms-mcp - LibreNMS control with 10 tools for device, port, and alert reads plus alert acks.
Network & Infrastructure
- 🔭 watchtower - NOC dashboard with interactive topology, L2/L3 views, and LibreNMS/Proxmox integration.
- 🔌 portgrid - Switch port visualization for LibreNMS with color-coded views and instant search.
- 🔒 proxguard - Proxmox firewall rule visualization with conflict detection and rule simulation.
- 📶 eero-cli - CLI for the eero mesh API with SMS auth, filtered device listing, and bulk blocking.
- 🐧 samba-ad-migration - Windows AD to Samba file share migration scripts for Proxmox.
Media Automation
- 🎬 jellyfin-mcp - Control Jellyfin from LLMs with playback sessions, library scans, user admin, and 20 MCP tools.
- 🎞️ reelgrep - Local video search with ffprobe metadata, Whisper transcription, and FTS5 subtitle search.
- 🔍 reelgrep-mcp - MCP wrapper for reelgrep with citation-formatted timestamps from your local video library.
Streaming & OBS
- 🎛️ deckctl - Declarative driver for the Elgato Stream Deck with YAML config and OBS execution.
- 🎥 obsctl - kubectl-style multi-host wrapper for managing OBS Studio across machines from one CLI.
Currently Contributing To
- 🧃 vincentkoc/tokenjuice - Lean output compaction for terminal-heavy agent workflows.
- 📝 steipete/summarize - Fast summaries from URLs, files, and media via CLI and browser sidebars.
- 📬 steipete/gogcli - Google Suite CLI for Gmail, Calendar, Drive, and Contacts.
- 🦞 openclaw/openclaw - Agent harness and CLI that runs my entire multi-agent stack on bare metal.
- 🦞 openclaw/plugin-inspector - Offline compatibility inspector for mocking OpenClaw and testing plugins.
- 🔌 openclaw/acpx - Headless CLI client for stateful Agent Client Protocol (ACP) sessions.
- 💬 steipete/discrawl - CLI for Discord with a SQLite backend.
- 🎭 microsoft/playwright - Cross-browser automation and testing framework.
I'm always open to building, contributing, collaborating, and chatting. Feel free to reach out.
- 💰 How I Migrated 6 Servers from VMware to Proxmox and Saved $343K
- 🖥️ I Migrated Our Entire Infrastructure from Hyper-V to Proxmox
- 💿 Replacing SCCM with FOG Project
- 🛡️ I'm a Lab Assistant. So I Built My Own SOC
- 🧩 I Built 7 MCP Servers for Security Tools. The Protocol Was the Easy Part.
- 📡 A Fiber Cut at 2 PM Taught Me Why I Needed to Build Watchtower
- 🎓 3 Days, 18 Hours: What I Learned at NDG's Proxmox Workshop
- 🤖 Anthropic Broke My OpenClaw Stack. GPT 5.4 Put It Back Together
