Josh Sisto secures systems, networks, and AI pipelines.
Cybersecurity professional first, builder second. This page is the live demo — a locked-down AI pipeline (a local LLM behind a gated proxy), real-time visitor-recon receipts, browser-side PGP, and a sandboxed Linux box you can boot right here.
What this page reads about your browser
To run the human check and power the chat, this page reads basic, header-level details your browser already sends — screen size, language, timezone, coarse hardware — and sends them only to Josh's local bot, kept for your session and never sold.
The deeper "what your browser leaks" demo — canvas and WebGL hashes, an audio fingerprint, installed fonts — is opt-in: unlock the chat, open "What I can already see about you", then press Reveal to run it.
Optional — saves your chat history and lesson progress. Works with Gmail or any email.
No magic — every site you visit sees this; Josh just made the receipts readable. Approximate city and network come from a one-time IP lookup (cached briefly) and are shown only to you.
Hands-on
Labs — live tools you can run now
Break the bot, boot a throwaway box, and audit a real domain. Everything here is sandboxed — nothing you do touches Josh's systems.
Red-team the gatekeeper
Try to jailbreak the bot
Red-team the gatekeeper
Try to jailbreak the bot
Its rules live in a server-side prompt your browser never sees, behind a same-origin gate and per-IP caps — and there are no secrets in it to spill (Josh's real infrastructure isn't in there). It held every attack in a 24-shot red-team pass. Take a swing — tap one and watch it hold:
Pass the human check above first — then these run in the live chat. Actually land a leak? Josh wants to hear about it: [email protected].
Live tool — a real shell, fully sandboxed
Boot a throwaway Linux box
Click and you'll drop into a real, interactive Linux shell — a fresh container that self-destructs the moment you leave. Pick a plain box or a guided lab. It has no route to the LAN or internet (by design), runs unprivileged on an isolated throwaway VM, and is capped on CPU, memory, processes, and time. It ships live, SSRF-hardened recon tools (
domain-check
,
fetch
,
dns
,
rdap
,
tls
,
headers
,
ask
) and a
learn
study platform with full CompTIA cert tracks — Network+, Linux+, Security+, CySA+ and PenTest+, plus cross-cert capstones; the multi-box labs spin up a private network
between
throwaway boxes so you can practice safely. Break it, wipe it — nothing you do here touches Josh's systems.
Pick what to boot:
-
plain— a throwaway box, no network at all -
recon— one box + the live, SSRF-hardened recon tools (grade a domain, inspect its TLS, read headers, run DNS/RDAP) -
client / server— two boxes on a private network; reach the server and find the hidden flag -
ctf-web— attack a deliberately-vulnerable web app (path traversal) and capture the flag -
purple-team— two boxes: probe a web login (red), then hunt your own campaign in its access log (blue) -
study— a solo box for CompTIA study; runlearnto pick a track (Network+, Linux+, Security+, CySA+, PenTest+) or a capstone
Opens an in-page terminal, then asks you to pick a plain box or a lab. Pass the human check above first. Sessions run ~10 minutes and are limited — be kind to the next visitor.
Live tool — try it on your own domain
Audit a domain's security posture
Type any public domain and I'll run a read-only external audit — DNSSEC, SPF/DMARC/CAA, TLS version and certificate, and HTTP security headers — then grade it. The scanner is deliberately hardened against SSRF: it refuses IP literals, internal names, and any domain that resolves to a private or reserved address.
Your saved audits
Don't trust — verify
Trust — check every claim yourself
Josh's published cryptographic identity, this domain's independently-verifiable posture, and how the whole pipeline is fenced in.
Built like a portfolio piece
What this page is quietly flexing
Built like a portfolio piece
What this page is quietly flexing
Streaming AI, fenced in
A same-origin PHP proxy gates every request, rate-limits abuse, clamps history, and streams tokens without exposing the LAN model.
Recon with receipts
IP, VPN flags, user agent, TLS, timezone, screen, and privacy headers are surfaced transparently instead of being hidden in logs.
Crypto-native contact
The page publishes identity material and encrypts sensitive messages to Josh's PGP key in the browser.
Operator habits
The public gag is backed by documented nginx routing, runbooks, challenge logic, and defensive defaults.
Defense in depth
How this AI is fenced in
Defense in depth
How this AI is fenced in
Every request crosses the same walls, in order. The model never touches the network directly — it can only ask the server to run a fixed, validated set of read-only tools, and a container escape lands on a throwaway box with no route anywhere.
The chat, gated end to end
The throwaway box, on a capability bus
Same idea in both lanes: the untrusted side (your browser, or a hostile container) can only reach a narrow, validated door — never the model, the LAN, or Josh's origin directly.
Don't trust — verify
Security receipts for this domain
Don't trust — verify
Security receipts for this domain
Every line here is observable from the open internet — run the commands and check for yourself.
DNSSEC, validating
Signed with algorithm 13 (ECDSA P-256); public resolvers return the Authenticated-Data flag.
dig +dnssec joshsisto.com
TLS 1.2 / 1.3 only
TLS 1.0/1.1 refused, X25519 forward secrecy, HSTS for two years including subdomains.
nmap --script ssl-enum-ciphers -p443 joshsisto.com
Locked-down headers
CSP default-src 'none', nosniff, SAMEORIGIN, and a denied Permissions-Policy.
curl -sI https://joshsisto.com
Mail + CA hardening
SPF and DMARC (p=quarantine) published, CAA restricts issuers, mail on ProtonMail.
dig TXT _dmarc.joshsisto.com +short
Signed identity
A PGP-clear-signed security.txt and published SSH keys verify my signed files and commits.
ssh-keygen -Y verify -f allowed_signers
No inline scripts or styles
This page runs zero inline JavaScript and zero inline CSS — its CSP script-src and style-src both drop 'unsafe-inline'.
curl -sI https://joshsisto.com | grep -i content-security
Verify it's really me
Don't take a chatbot's word for it — here's my published cryptographic identity, all in one place.
294C DF7C 8D18 ABDD 5B8A 0DAA 8CDB 89F8 30BC 60EA
A fingerprint is a short hash of my public key. If a key shows this fingerprint everywhere you look, it's mine.
- PGP public key (pgp.txt) — also auto-discoverable via WKD
- security.txt (RFC 9116) — PGP-clear-signed
- SSH public keys
- allowed_signers — verify my SSH-signed files
Or check it live, right here: this fetches my PGP-signed security.txt and verifies the signature in your browser — nothing to install, nothing trusted on my word.
Send an encrypted message
Encrypted in your browser with my PGP key — the plaintext never leaves this page. Send the ciphertext straight to me (my server relays it without ever being able to read it), or copy it into your own email.
Learn by doing
Playground — public-key crypto, hands-on
Generate keys, sign and verify, encrypt and decrypt — all in your browser. Nothing is uploaded.
Public-key crypto, hands-on
Verify my signature, then learn how it works by doing it — keys are generated and used entirely in your browser. Nothing is uploaded.
A keypair is a public key you hand out and a private key you guard. The public key locks (encrypts) and checks signatures ; the private key unlocks (decrypts) and signs . Try each piece below.
1 My key & fingerprint
The very key the encrypt box above uses. A fingerprint is a short hash of a public key — compare it across sources (this page, my pgp.txt , a keyserver) to be sure a key is really mine.
2 Verify a signed message
Paste a PGP clear-signed message — if it checks out, the signer's private key made it and not one byte changed. Hit the button for a statement I signed with my key (proof it's really me), or verify one you make in steps 3–4.
Use a different signer's public key
3 Make your own keypair
Generated in your browser — nothing leaves this page. This is a throwaway demo key for learning, not your real identity; for keys you'll actually rely on, make them offline in GnuPG. Guard the private key and its passphrase; the public key is yours to share.
4 Sign & verify with your key
Sign with your private key; anyone verifies with your public key. (Generate a keypair in step 3 first.)
5 Encrypt & decrypt (round-trip)
Encrypt to your public key, then decrypt with your private key + passphrase. This is exactly what the “Send an encrypted message” box does with my key — only the private key can open it.