Intel/Military Deep (18 variants):
frodo/pakistan, india, nato-alliance, nuclear, energy-geopolitics, turkey
marshal/russian-doctrine, chinese-doctrine, turkish-doctrine, iranian-military
warden/drone-warfare, naval-warfare, electronic-warfare
centurion/ukraine-russia, ottoman-wars
wraith/case-studies (Ames, Penkovsky, Cambridge Five)
echo/electronic-order-of-battle
ghost/russian-info-war (IRA, GRU cyber, dezinformatsiya)
scribe/cold-war-ops (CIA/KGB ops, VENONA, Gladio)
Professional Specializations (12 variants):
neo/social-engineering, mobile-security
phantom/bug-bounty
specter/firmware
bastion/incident-commander
sentinel/darknet
oracle/crypto-osint
marshal/wargaming
corsair/proxy-warfare
polyglot/swahili
forge/agent-dev
Dynamic config system:
config.yaml — user-specific settings
config.example.yaml — template for new users
build.py — config-aware with {{variable}} injection + conditionals
Total: 108 prompt files, 20,717 lines, 29 personas
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
240 lines
7.1 KiB
YAML
240 lines
7.1 KiB
YAML
# Persona Library Configuration — Salva (LTT / 0x534C56)
|
||
|
||
user:
|
||
name: "Salva"
|
||
handle: "0x534C56"
|
||
location: "Turkey (GMT+3)"
|
||
role: "Cybersecurity Consultant & Intelligence Analyst"
|
||
languages:
|
||
native: "tr"
|
||
fluent: ["tr", "en"]
|
||
learning: ["ru", "ar", "sw", "fr", "fa", "ur"]
|
||
communication:
|
||
style: "direct"
|
||
primary_interface: "telegram"
|
||
casual_language: "tr"
|
||
technical_language: "en"
|
||
|
||
infrastructure:
|
||
servers:
|
||
- name: "local"
|
||
ip: "192.168.1.27"
|
||
ssh_port: 2424
|
||
role: "home-server"
|
||
os: "debian"
|
||
services: ["portainer", "ghost", "komga", "adguard", "tailscale", "cloudflared"]
|
||
- name: "desktop"
|
||
ip: "192.168.1.106"
|
||
role: "dev-machine"
|
||
containers: ["olla", "reporter-ollama", "foia-postgres", "killchain-mariadb"]
|
||
- name: "hasbam"
|
||
ip: "45.155.127.115"
|
||
ssh_user: "ltt"
|
||
role: "multi-purpose"
|
||
containers: ["kali-cti", "minio", "syncthing", "proudstar-license"]
|
||
- name: "n8n"
|
||
ip: "45.155.127.116"
|
||
ssh_user: "hasbam"
|
||
role: "automation-hub"
|
||
containers: ["n8n", "gitea", "freshrss", "prometheus", "wireguard", "rustdesk", "nginx-proxy"]
|
||
- name: "osint"
|
||
ip: "48.216.242.250"
|
||
ssh_user: "osint"
|
||
role: "osint-ops"
|
||
containers: ["n8n", "maigret-api", "theharvester-api", "holehe-api", "phoneinfoga", "ip-api-server"]
|
||
- name: "oracle"
|
||
ip: "140.245.13.61"
|
||
ssh_user: "opc"
|
||
role: "demirsanat-prod"
|
||
containers: ["demirsanat-web", "demirsanat-api", "demirsanat-db", "nginx-proxy"]
|
||
- name: "meldora"
|
||
ip: "5.178.111.147"
|
||
ssh_user: "root"
|
||
role: "community"
|
||
containers: ["meldora-site", "postgresql"]
|
||
- name: "asm-c2"
|
||
ip: "50.114.185.136"
|
||
ssh_user: "root"
|
||
role: "asm-control-plane"
|
||
containers: ["asm-api", "asm-control", "asm-orchestrator", "asm-scheduler", "asm-ingestion", "asm-delta", "asm-admin", "asm-customer", "asm-nginx", "asm-elasticsearch", "asm-rabbitmq", "asm-mariadb", "asm-redis"]
|
||
- name: "asm-worker1"
|
||
ip: "50.114.185.213"
|
||
role: "asm-worker"
|
||
- name: "asm-worker2"
|
||
ip: "50.114.185.53"
|
||
role: "asm-worker"
|
||
- name: "asm-worker3"
|
||
ip: "50.114.185.108"
|
||
role: "asm-worker"
|
||
|
||
llm:
|
||
provider: "ollama"
|
||
endpoint: "http://127.0.0.1:40114"
|
||
load_balancer: "olla"
|
||
server_count: 855
|
||
healthy_count: 483
|
||
default_model: "llama3.1"
|
||
models:
|
||
- name: "llama3.1"
|
||
purpose: "general"
|
||
servers: 127
|
||
- name: "deepseek-r1"
|
||
purpose: "reasoning"
|
||
- name: "gemma3"
|
||
purpose: "general"
|
||
- name: "qwen3-235b"
|
||
purpose: "reasoning"
|
||
- name: "qwen3-coder-30b"
|
||
purpose: "coding"
|
||
|
||
tools:
|
||
rss_aggregator: true
|
||
rss_endpoint: "http://localhost:32770"
|
||
osint_tools: true
|
||
osint_endpoint: "http://48.216.242.250"
|
||
sdr_scanner: true
|
||
pcap_analyzer: true
|
||
vulnerability_scanner: true
|
||
exploit_framework: true
|
||
reverse_engineering: true
|
||
forensics_tools: true
|
||
c2_framework: false
|
||
threat_intel_platform: false
|
||
siem: false
|
||
docker: true
|
||
kubernetes: false
|
||
cloud_provider: "oracle"
|
||
monitoring: true
|
||
monitoring_endpoint: "http://45.155.127.116:9090"
|
||
vpn: true
|
||
portainer: true
|
||
portainer_url: "https://portainer.aligundogar.com.tr"
|
||
portainer_api_key: "ptr_mvD089keMlTfMHYVdbxafkuE6aP5ZTOKBOt6hr4qiSk="
|
||
syncthing: true
|
||
git_server: "https://gitea.taygun.net.tr"
|
||
|
||
data_sources:
|
||
knowledge_base: "/home/salva/Obsidian"
|
||
book_library: "/mnt/storage/Common/Books"
|
||
foia_collection: true
|
||
foia_path: "/mnt/storage/Common/Books/Istihbarat"
|
||
foia_file_count: 27811
|
||
intel_feeds: true
|
||
intel_feed_count: 3186
|
||
intel_feed_categories: ["iran", "cyber", "russia", "ukraine", "defense", "intel", "tech", "turkey", "mideast", "africa"]
|
||
custom_databases:
|
||
- name: "Iran Intelligence DB"
|
||
path: "~/notes/geopolitics/Iran"
|
||
size: "80GB"
|
||
description: "17 subdirectories, 210+ JSON feeds"
|
||
- name: "CIA FOIA Collection"
|
||
path: "/mnt/storage/Common/Books/Istihbarat/CIA"
|
||
size: "21211 files"
|
||
- name: "NSA SIGINT FOIA"
|
||
path: "/mnt/storage/Common/Books/SiberGuvenlik/FOIA-IA-NSA-SIGINT"
|
||
size: "306 files"
|
||
|
||
frameworks:
|
||
uap: true
|
||
ach: true
|
||
ach_over_tot: true
|
||
pmesii_pt: true
|
||
dime_fil: true
|
||
ascope: true
|
||
mitre_attack: true
|
||
kill_chain: true
|
||
diamond_model: true
|
||
disarm: true
|
||
owasp: true
|
||
ic_confidence: true
|
||
multi_source_verification: true
|
||
bluf_reporting: true
|
||
output_modes: ["exec_summary", "full_report", "json", "visual"]
|
||
|
||
regional_focus:
|
||
primary: ["iran", "russia", "syria"]
|
||
secondary: ["turkey", "africa", "china", "middle-east"]
|
||
|
||
persona_defaults:
|
||
language:
|
||
casual: "tr"
|
||
technical: "en"
|
||
reports: "en"
|
||
address_style: "custom"
|
||
custom_addresses:
|
||
neo: "Sıfırıncı Gün"
|
||
frodo: "Müsteşar"
|
||
oracle: "Kaşif"
|
||
ghost: "Propagandist"
|
||
wraith: "Mahrem"
|
||
echo: "Kulakçı"
|
||
marshal: "Mareşal"
|
||
warden: "Topçubaşı"
|
||
centurion: "Vakanüvis"
|
||
corsair: "Akıncı"
|
||
arbiter: "Kadı"
|
||
ledger: "Defterdar"
|
||
tribune: "Müderris"
|
||
chronos: "Tarihçibaşı"
|
||
scribe: "Verakçı"
|
||
polyglot: "Tercüman-ı Divan"
|
||
herald: "Münadi"
|
||
architect: "Mimar Ağa"
|
||
forge: "Demirci"
|
||
scholar: "Münevver"
|
||
sage: "Arif"
|
||
medic: "Hekim Başı"
|
||
gambit: "Vezir"
|
||
phantom: "Beyaz Şapka"
|
||
cipher: "Kriptoğraf"
|
||
specter: "Cerrah"
|
||
bastion: "Muhafız"
|
||
vortex: "Telsizci"
|
||
sentinel: "İzci"
|
||
|
||
projects:
|
||
- name: "Reporter"
|
||
stack: "FastAPI, Flask, Ollama, SQLite, Bootstrap PWA"
|
||
description: "AI-powered news analysis with 25+ RSS categories"
|
||
status: "production"
|
||
- name: "Kill Chain Scanner"
|
||
stack: "Bash, Go tools, nmap, nuclei"
|
||
description: "Automated pentest framework (kill chain methodology)"
|
||
status: "production"
|
||
- name: "FOIA Tool"
|
||
stack: "Rust (7 crates), Axum, PostgreSQL"
|
||
description: "Declassified document scraper with OCR+LLM"
|
||
status: "production"
|
||
- name: "ProudStar ASM"
|
||
stack: "FastAPI, Next.js 14, MariaDB, Elasticsearch, RabbitMQ"
|
||
description: "Enterprise attack surface management (1,714 endpoints)"
|
||
status: "production"
|
||
- name: "Demirsanat"
|
||
stack: "Next.js 16, Express, PostgreSQL"
|
||
description: "Music academy management system"
|
||
status: "production"
|
||
- name: "İstihbarat Haber"
|
||
stack: "React, Node.js"
|
||
description: "Intelligence news platform (3,186 RSS feeds, 463 endpoints)"
|
||
status: "development"
|
||
- name: "Evoswarm-AGI"
|
||
stack: "Python, Docker, Redis, FastAPI"
|
||
description: "Autonomous Docker agent swarm"
|
||
status: "experimental"
|
||
|
||
professional:
|
||
company: "Born2beRoot / ProudSec / PROUDSTAR"
|
||
role: "CTI Analyst & Penetration Tester"
|
||
certifications: []
|
||
specializations: ["web-security", "CTI", "red-team", "OSINT", "geopolitical-analysis"]
|
||
active_engagements:
|
||
- name: "Proudsec Campaign"
|
||
scope: "411 domains, 37 root domains, 5 organizations"
|
||
status: "active"
|
||
- name: "Ruijie Firewall 0day"
|
||
scope: "RG-WALL 1600-Z5100-S"
|
||
status: "active"
|
||
- name: "Kenya/Africa Expansion"
|
||
scope: "Government cybersecurity procurement"
|
||
status: "planning"
|