Josh Sisto secures systems, networks, and AI pipelines.

Cybersecurity professional first, builder second. This page is the live demo — a locked-down AI pipeline (a local LLM behind a gated proxy), real-time visitor-recon receipts, browser-side PGP, and a sandboxed Linux box you can boot right here.

Live demo: browser signal check → PHP gate → streamed AI.
Email
Solve the check below to reveal it.

Loading the question…

Solving this reveals Josh's email and unlocks the gatekeeper chat.
What this page reads about your browser

To run the human check and power the chat, this page reads basic, header-level details your browser already sends — screen size, language, timezone, coarse hardware — and sends them only to Josh's local bot, kept for your session and never sold.

The deeper "what your browser leaks" demo — canvas and WebGL hashes, an audio fingerprint, installed fonts — is opt-in: unlock the chat, open "What I can already see about you", then press Reveal to run it.

Sign in
Google
Signed in as

Optional — saves your chat history and lesson progress. Works with Gmail or any email.

For anything real, use the email above.

Hands-on

Labs — live tools you can run now

Break the bot, boot a throwaway box, and audit a real domain. Everything here is sandboxed — nothing you do touches Josh's systems.

Red-team the gatekeeper

Try to jailbreak the bot

Its rules live in a server-side prompt your browser never sees, behind a same-origin gate and per-IP caps — and there are no secrets in it to spill (Josh's real infrastructure isn't in there). It held every attack in a 24-shot red-team pass. Take a swing — tap one and watch it hold:

Pass the human check above first — then these run in the live chat. Actually land a leak? Josh wants to hear about it: [email protected].

Live tool — a real shell, fully sandboxed

Boot a throwaway Linux box

Click and you'll drop into a real, interactive Linux shell — a fresh container that self-destructs the moment you leave. Pick a plain box or a guided lab. It has no route to the LAN or internet (by design), runs unprivileged on an isolated throwaway VM, and is capped on CPU, memory, processes, and time. It ships live, SSRF-hardened recon tools ( domain-check , fetch , dns , rdap , tls , headers , ask ) and a learn study platform with full CompTIA cert tracks — Network+, Linux+, Security+, CySA+ and PenTest+, plus cross-cert capstones; the multi-box labs spin up a private network between throwaway boxes so you can practice safely. Break it, wipe it — nothing you do here touches Josh's systems.

Pick what to boot:

  • plain — a throwaway box, no network at all
  • recon — one box + the live, SSRF-hardened recon tools (grade a domain, inspect its TLS, read headers, run DNS/RDAP)
  • client / server — two boxes on a private network; reach the server and find the hidden flag
  • ctf-web — attack a deliberately-vulnerable web app (path traversal) and capture the flag
  • purple-team — two boxes: probe a web login (red), then hunt your own campaign in its access log (blue)
  • study — a solo box for CompTIA study; run learn to pick a track (Network+, Linux+, Security+, CySA+, PenTest+) or a capstone

Opens an in-page terminal, then asks you to pick a plain box or a lab. Pass the human check above first. Sessions run ~10 minutes and are limited — be kind to the next visitor.

Live tool — try it on your own domain

Audit a domain's security posture

Type any public domain and I'll run a read-only external audit — DNSSEC, SPF/DMARC/CAA, TLS version and certificate, and HTTP security headers — then grade it. The scanner is deliberately hardened against SSRF: it refuses IP literals, internal names, and any domain that resolves to a private or reserved address.

Public domains only — pass the human check above to enable live audits.

Don't trust — verify

Trust — check every claim yourself

Josh's published cryptographic identity, this domain's independently-verifiable posture, and how the whole pipeline is fenced in.

Built like a portfolio piece

What this page is quietly flexing

Streaming AI, fenced in

A same-origin PHP proxy gates every request, rate-limits abuse, clamps history, and streams tokens without exposing the LAN model.

Recon with receipts

IP, VPN flags, user agent, TLS, timezone, screen, and privacy headers are surfaced transparently instead of being hidden in logs.

Crypto-native contact

The page publishes identity material and encrypts sensitive messages to Josh's PGP key in the browser.

Operator habits

The public gag is backed by documented nginx routing, runbooks, challenge logic, and defensive defaults.

Defense in depth

How this AI is fenced in

Every request crosses the same walls, in order. The model never touches the network directly — it can only ask the server to run a fixed, validated set of read-only tools, and a container escape lands on a throwaway box with no route anywhere.

The chat, gated end to end

The throwaway box, on a capability bus

Same idea in both lanes: the untrusted side (your browser, or a hostile container) can only reach a narrow, validated door — never the model, the LAN, or Josh's origin directly.

Don't trust — verify

Security receipts for this domain

Every line here is observable from the open internet — run the commands and check for yourself.

DNSSEC, validating

Signed with algorithm 13 (ECDSA P-256); public resolvers return the Authenticated-Data flag.

dig +dnssec joshsisto.com

TLS 1.2 / 1.3 only

TLS 1.0/1.1 refused, X25519 forward secrecy, HSTS for two years including subdomains.

nmap --script ssl-enum-ciphers -p443 joshsisto.com

Locked-down headers

CSP default-src 'none', nosniff, SAMEORIGIN, and a denied Permissions-Policy.

curl -sI https://joshsisto.com

Mail + CA hardening

SPF and DMARC (p=quarantine) published, CAA restricts issuers, mail on ProtonMail.

dig TXT _dmarc.joshsisto.com +short

Signed identity

A PGP-clear-signed security.txt and published SSH keys verify my signed files and commits.

ssh-keygen -Y verify -f allowed_signers

No inline scripts or styles

This page runs zero inline JavaScript and zero inline CSS — its CSP script-src and style-src both drop 'unsafe-inline'.

curl -sI https://joshsisto.com | grep -i content-security

Verify it's really me

Don't take a chatbot's word for it — here's my published cryptographic identity, all in one place.

PGP key fingerprint
294C DF7C 8D18 ABDD 5B8A 0DAA 8CDB 89F8 30BC 60EA

A fingerprint is a short hash of my public key. If a key shows this fingerprint everywhere you look, it's mine.

Or check it live, right here: this fetches my PGP-signed security.txt and verifies the signature in your browser — nothing to install, nothing trusted on my word.

Send an encrypted message

Encrypted in your browser with my PGP key — the plaintext never leaves this page. Send the ciphertext straight to me (my server relays it without ever being able to read it), or copy it into your own email.

Learn by doing

Playground — public-key crypto, hands-on

Generate keys, sign and verify, encrypt and decrypt — all in your browser. Nothing is uploaded.

Public-key crypto, hands-on

Verify my signature, then learn how it works by doing it — keys are generated and used entirely in your browser. Nothing is uploaded.