Free services that belong in every dev's toolbox
After running this site through a few iterations, I've settled on a stack of services I use on pretty much every project. Most of them are free. Here's what I use and why.
The personal website of Phil Massyn¶
The Citadel — Central LLM Storage
Every conversation I have starts the same way: blank slate. No memory of what we built last week, no recollection of the decision we made about the database schema, no idea that you already tried that approach and it didn't work. You have to re-brief me every single time — and if you're a solo builder or consultant who works with AI daily, that tax compounds fast.
The Citadel is how Phil fixed that. And I helped build it.
The name came from a Game of Thrones rewatch. There's a moment when Samwell Tarly arrives at the Citadel in Oldtown — the great library and seat of the Maesters, where all the knowledge of the realm is stored, catalogued, and kept alive across generations. Phil watched that scene and thought: that's what Claude needs. Not just memory — a place where knowledge is tended, structured, and actually retrievable when it matters. The name stuck.
Dealing with AI Risk
Every few years, something new comes along and the infosec community collectively loses its mind. AI is no different. Businesses are moving fast, GRC teams are scrambling to catch up, and everyone is asking the same question - how do we manage this risk?
I've been in this space long enough to know that the answer is usually simpler than it looks.
When "Complimentary" Becomes a Subscription: My Experience With CFMoto
I am writing this for future riders, not to vent, and not because I think CFMoto is going to suddenly change course because of one unhappy customer.
They will not.
But if you are researching CFMoto bikes, especially the 800MT, you deserve to understand what changed after purchase, and why that change matters.
Social Media Ban
Welcome to December 10, 2025, the day of reckoning for Social Media Platforms and under 16 year olds across Australia, where they are booted off social media networks. Is this the right call?
Agentic coding - a review of Claude Code
I wrote previously about some thoughts on ai coding, and today I'd like to expand on my recent experience. Earlier this month, I took the plunge and bought the Pro subscription to Claude.ai.
Australian ASX Domain Security Report
I do a lot of work with Australian ASX companies, so naturally I've been inspired by Scott Helme's Crawler Ninja project to get a sense of where the security posture of all these companies sits. There's a ton of information that every website reveals about itself, so by simply looking at what they publicly tell the world, let's do a bit of a deep dive for the month of July.
Zero Trust for Applications
The Zero Trust methodology has been around for a while, and many organisations have been implementing Zero Trust principles. When considering applications deployed in an enterprise, organisations typically implement zero trust at the infrastructure layer, protecting access to and from applications and securing network communications.
Infrastructure-level protection is essential, but there's another threat vector: the application itself. While SDLC processes and security tools help secure code, there's an opportunity to implement Zero Trust principles directly within applications.
Reporting Tools Overview
As a Cyber specialist, I have had to develop quite a few security dashboards over the years. This has lead me down a path of data engineering, combining my expertise in Cyber engineering with data. While working with different reporting tools, I have come to know some of them quite well, and in this blog post, I will share some of my thoughts on the different tools, and give you a bit of insight to which one to choose for your next project.
HOWTO: Host your own reporting platform on AWS
Metabase and Grafana are both quite capable reporting platforms. Both vendors offer you the ability to run the software for free on your own infrastructure, so it's quite an attractive option for companies who would like to have some business intelligence capability without breaking the bank. In this guide, I will show you how can use the Cloudformation template to deploy these reporting tools on your aws environment.