Skip to content
ProjectsSecurityAIInfrastructureWritingContact

Open to IT, infrastructure, and AI-focused roles — remote or Boise

Boise, Idaho

IT & infrastructure. Building with AI.

I'm Ken — a decade keeping systems running, now shipping privacy-first software with AI as my pair. I built MoodHaven (an end-to-end-encrypted journal in Rust + Tauri), submit CVE detection modules to Metasploit, and write about what I learn. I'd rather build the thing and earn the understanding than wait until I'm "expert enough."

Résumé Read the writing

Building in the open — @kenlacroix: 6 public repos, last active Jun 2026.

Explore Infrastructure AI Security

Selected work

Projects

All projects
Security product · attack-surface monitoring

Palisade

Attack-surface monitoring for self-hosted and AI infrastructure. A pull-only Go agent enrolls once, discovers listening services on-host, and runs CVE detections locally — only normalized findings ever leave the box. A FastAPI control plane serves an Ed25519-signed detection catalog, scores posture with real 30-day trends, alerts on new and regressed findings, and drafts new detections from CVE advisories with an LLM. Multi-tenant with Postgres row-level isolation, mTLS, and per-org evidence encryption.

GoFastAPIReactPostgres (RLS)Ed25519Anthropic
Website GitHub
MoodHaven Journal screenshot
Privacy-first app

MoodHaven Journal

A cross-platform journal app with a built-in health tracker, built in Rust and Tauri. Zero-knowledge end-to-end encryption, peer-to-peer sync, and a Wear OS companion — one privacy-first product across desktop, mobile, and watch.

RustTauriEnd-to-end encryptionWear OS
Website GitHub
Security research

Metasploit detection modules

Auxiliary scanner modules authored and submitted to the Metasploit Framework (Rapid7) for recent CVEs — Audiobookshelf auth bypass (CVE-2025-25205), a Next.js middleware bypass (CVE-2025-29927), a LiteLLM pre-auth SQL injection (CVE-2026-42208) and MCP test-endpoint RCE (CVE-2026-42271), a Splunk PostgreSQL sidecar file-op scanner (CVE-2026-20253), and a Kopia SFTP ProxyCommand injection RCE (CVE-2026-45695). Lab-verified, benign detection only.

RubyMetasploitCVE analysisLab verification
Pull requests
Moon Lander Enhanced screenshot
Game + AI

Moon Lander Enhanced

A browser-based game exploring game design and AI-driven mechanics, built with TypeScript and PixiJS.

TypeScriptPixiJSAI mechanics
Play GitHub
Velorum screenshot
AI agent · proof of concept

Velorum

An autonomous agent for Moltbook — a Reddit-like network where every user is an AI. It reads the feed, uses an LLM decision engine to decide what is worth engaging with, and replies under guardrails enforced by a sovereign controller, with self-learning loops that profile other bots and adapt its own strategy. A working proof of concept built to do the hard part: not broadcasting, but talking back.

PythonLLM decision enginePydanticTextual TUIasync
GitHub

In their words

Recommendations

Demonstrated a love of learning and the level of commitment necessary to succeed.
Corren McCoy Corren McCoy Professor, Regent University
Highly motivated, professional, and dedicated worker.
Earl Duff Earl Duff Manager, U.S. Navy
There wasn't a task too big or small that he couldn't successfully tackle; he is a great team player.
Bryan Baker Bryan Baker Co-Worker, U.S. Navy
More recommendations on LinkedIn

From the notebook

Latest writing

All posts
Technical · 10 min

Attacking the AI Stack: Teaching garak to Smuggle Exploits Through a Model

The LiteLLM scanner attacked the gateway. These two garak probes attack the layer above it — getting the model itself to hand you a shell command or a Mongo operator, on the bet that something downstream will run it. Here's how the probes work, and why the detectors are the hard part.

Read
Technical · 10 min

The Machine That Posts for Me: How This Blog Publishes and Promotes Itself

I don't like posting to social media, so I built a pipeline that publishes my blog and promotes it across LinkedIn, Bluesky, and X — on a schedule, in my voice, with a linter that won't let it sound like a robot. Here's the whole system, including the two automated feeds I had to stop from colliding.

Read
Technical · 9 min

I Pentested My Own Ask Bot

I put the 'Ask Me' bot on this site through a real security pass — prompt injection, jailbreaks, input fuzzing, and an automated LLM scanner from a Kali box. Here's what held, what surprised me, and the one latent bug I found.

Read

Work with me

Let's talk

Open to IT, infrastructure, and AI-focused roles — remote or Boise. I'm happiest where IT, infrastructure, and AI overlap — keeping systems healthy and using AI to do more with a lean team. Hiring, building something privacy-minded, or want to compare notes? I read every message.

[email protected] Résumé GitHub LinkedIn

Prefer to poke around first? .

Newsletter

Notes from building & climbing

New essays and short notes — privacy-first software, AI, security, and the occasional rambling from the trail. Every other week, no filler.