Skip to content
View 0xCardinal's full-sized avatar
🤙
🤙
27 followers · 23 following

Achievements

Achievement: StarstruckAchievement: Pull Sharkx2Achievement: QuickdrawAchievement: YOLOAchievement: Pair Extraordinaire

Achievements

Achievement: StarstruckAchievement: Pull Sharkx2Achievement: QuickdrawAchievement: YOLOAchievement: Pair Extraordinaire

Block or report 0xCardinal

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
0xCardinal/README.md

Hey there 👋 I'm Kumar Ashwin

🛡️ Cloud & Supply Chain Security | 🔐 Usable Security Advocate | 🧠 AI + Automation Enthusiast

GitHub Streak Stats

🚀 About Me

> whoami
Security Engineer | Builder | Trainer | Hacker-in-Residence

I'm a hands-on security engineer focused on solving real-world problems with code, context, and creativity. I enjoy building tools, teaching practical security, and shaping secure systems across development pipelines and cloud-native environments.

  • 🛠️ Working at the intersection of code, infra, and security
  • 📚 Regularly speak & train at conferences like BlackHat, DEFCON, x33fcon, and Nullcon
  • 🧪 Building hands-on labs and CTFs
  • 🤖 Exploring AI-powered automation to reduce toil for security teams
  • 🔍 Helping teams scale secure engineering practices without slowing down developers

🔐 Areas of Focus

  • ☁️ Cloud Security — Misconfigurations, IAM, least privilege, Resilience
  • 🔄 Supply Chain Security — From Developer to Deployment
  • ⚙️ Automation — Tooling, Pipelines, Remediation, Zero Touch
  • 🧠 Security Enablement — Usability, Secure defaults, Guidance

🧰 Tech Stack

AWS Python Go Docker GitHub Actions Linux Bash Burp Suite JavaScript Cloudflare Postman Kubernetes

🧭 Guiding Principles

  • Break it until you understand it.
  • Design for defenders, not just auditors.
  • Build secure systems that's usable.
  • Good security scales, teaches, and disappears.

📬 Get in Touch

Working on something at the crossroads of security engineering, automation, or hacking something?
Ping me on LinkedIn or X — always up for a good security chat.

Pinned Loading

  1. CeWLio CeWLio Public

    A powerful Python-based Custom Word List Generator that crawls web pages with JavaScript support to extract words, emails, and metadata for security testing and research.

    Python 3

  2. covert-canary-detection covert-canary-detection Public

    This repository details various methods to identify canary tokens without triggering them.

    Python 2

  3. madhuakula/kubernetes-goat madhuakula/kubernetes-goat Public

    Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

    HTML 5.4k 955

  4. redhuntlabs/Project-Resonance redhuntlabs/Project-Resonance Public

    54 14

  5. NotSoSecure/cloud-sec-wiki NotSoSecure/cloud-sec-wiki Public

    Jekyll Files for cloudsecwiki.com

    CSS 49 21

  6. license.wtf license.wtf Public

    Wait… should I MIT this or GPL it?

    HTML