SCW Platform — Architecture & Disaster Recovery Guide

Last Updated: April 9, 2026

1. Platform Overview

Shimi’s Cyber World (SCW) is a cybersecurity intelligence hub.

• Website: shimiscyberworld.com — Jekyll static site on GitHub Pages
• Repository: Shimicohen1/shimis-cyber-world (PUBLIC)
• Feed Engine: scw-telegram-feed — Node.js, runs on Azure ACI
• LinkedIn: linkedin.com/in/shimi-cohen-62a4222b
• Telegram: t.me/shimiscyberworld

2. Architecture Map

┌──────────────────────────────────────────────────────────────────┐
│                         CONTENT SOURCES                          │
│                                                                  │
│  Telegram Channels ──→ scw-telegram-feed (Azure ACI)            │
│   • DARKFEED            │ Monitors 8+ Telegram channels          │
│   • Cyber Threat Intel  │ AI-rewrites via Gemini Flash           │
│   • CVE Notify          │ Pushes .md posts to GitHub + Telegram  │
│   • CISA KEV            │                                        │
│   • INCD (gov.il)       │ Also: INCD Scraper (GitHub Actions)    │
│                         └───────┬────────────────────────────────┘
│                                 │
│                                 ▼
│  ┌──────────────────────────────────────────────────────────────┐
│  │              GitHub Repository (PUBLIC)                       │
│  │              Shimicohen1/shimis-cyber-world                  │
│  │                                                              │
│  │  _posts/          ← AI-generated threat intel articles       │
│  │  _data/           ← hardening.yml, tools.yml, resources.yml  │
│  │  assets/          ← CSS, JS, images                          │
│  │  .github/         ← Actions workflows + scripts              │
│  │  .engine-backup/  ← Feed engine code snapshot                │
│  └──────────────┬──────────────────────┬───────────────────────┘
│                 │                      │
│           GitHub Pages            GitHub Actions
│                 │                      │
│                 ▼                      ▼
│  ┌─────────────────────┐   ┌──────────────────────────────────┐
│  │  shimiscyberworld.com│   │  Automated Workflows:            │
│  │  (Static Site)       │   │  • Weekly Enrichment (Sundays)   │
│  │                      │   │  • INCD Scraper (every 6 hours)  │
│  │  Pages:              │   │  • LinkedIn Poster (daily 10am)  │
│  │  • Live Feed         │   │  • Engine Backup (Sundays)       │
│  │  • Vulnerabilities   │   └──────────────────────────────────┘
│  │  • LockDown (847)    │
│  │  • BreachRadar       │
│  │  • Detection Vault   │
│  │  • WarRoom           │
│  │  • ThreatLens        │
│  │  • GoFish            │
│  │  • The Vault (436)   │
│  │  • Toolkit           │
│  └─────────────────────┘
│
│  ┌──────────────────────────────────────────────────────────────┐
│  │                     MONETIZATION                             │
│  │                                                              │
│  │  • CJ Affiliate (Publisher ID: 101720928)                    │
│  │    NordVPN, Proton VPN, Surfshark, Proton Pass               │
│  │  • Telegram Stars (Elite Bot: 150-500 ⭐)                    │
│  │  • In-feed contextual affiliate cards                        │
│  │  • Tool-embedded recommendations                            │
│  │  • LinkedIn posts include affiliate links                    │
│  └──────────────────────────────────────────────────────────────┘
└──────────────────────────────────────────────────────────────────┘

3. Where Everything Lives

3.1 Website Repository

| Component | Path | Notes | |—|—|—| | Jekyll Config | _config.yml | Site metadata, plugins | | Posts (threat intel) | _posts/*.md | Auto-generated by feed engine + scrapers | | Hardening data | _data/hardening.yml | 847 checks, 18 platforms | | Tools data | _data/tools.yml | Curated tools with CJ affiliate links | | Resources data | _data/resources.yml | 436 library PDFs | | Navigation | _data/navigation.yml | Site menu | | Homepage config | _data/homepage.yml | Hero, features, stats | | CSS | assets/css/ | Styles | | JavaScript | assets/js/ | Client-side logic for tools | | Cover images | assets/images/ | Unsplash pool | | Layouts | _layouts/ | default.html, post.html, page.html | | Includes (partials) | _includes/ | header.html, footer.html, etc. |

3.2 GitHub Actions Automation

| Workflow | Schedule | Script | Purpose | |—|—|—|—| | linkedin-post.yml | Daily 07:00 UTC | linkedin-post.mjs + linkedin-token-check.mjs | Post to LinkedIn + token monitor | | weekly-enrich.yml | Sunday 06:00 UTC | weekly-enrich.mjs | Generate hardening/detections/playbooks | | incd-scraper.yml | Every 6 hours | incd-scraper.mjs | Scrape INCD gov.il publications | | engine-backup.yml | Sunday 05:00 UTC | Inline shell | Timestamp backup marker |

3.3 LinkedIn Automation

| Item | Location | Notes | |—|—|—| | Poster script | .github/scripts/linkedin-post.mjs | Thought-leadership format with CTAs | | Token checker | .github/scripts/linkedin-token-check.mjs | Brevo email alert ≤7 days before expiry | | OAuth refresh tool | .github/scripts/linkedin-oauth-local.mjs | Run locally to get new token | | Refresh helper | refresh-linkedin.sh | One-command refresh (prompts for secret) | | State tracking | .github/linkedin-state.json | Tracks posted files (last 90) | | Client secret cache | .linkedin-secret | Local only, gitignored |

3.4 Feed Engine (Separate Repo)

| Item | Location | Notes | |—|—|—| | Source code | ~/Documents/scw-telegram-feed/ | Node.js Telegram monitor | | Engine backup | .engine-backup/ (in website repo) | Code snapshot | | Runtime | Azure Container Instances | Always-on container | | Telegram session | session.json in container | Telegram client auth |

3.5 Backups

| Backup | Location | |—|—| | Local | ~/Documents/SCW Backups/SCW-Backup-YYYYMMDD-HHMMSS/ | | Cloud | ~/Library/Mobile Documents/com~apple~CloudDocs/MY Startup/ (iCloud) |

4. GitHub Secrets (6 Required)

5. External Services & Credentials

6. Disaster Recovery — Rebuild From Scratch

Scenario: Everything is lost. Here’s how to rebuild.

Step 1: Restore Repository

git clone https://github.com/Shimicohen1/shimis-cyber-world.git
cd shimis-cyber-world

Step 2: Re-set GitHub Secrets

Go to Settings → Secrets and variables → Actions and add all 6 secrets from Section 4.

Step 3: Verify GitHub Pages

• Settings → Pages → Source: main branch, / (root) folder
• Custom domain: shimiscyberworld.com
• DNS: CNAME record pointing to Shimicohen1.github.io

Step 4: Restore Feed Engine

# From backup or .engine-backup folder:
cp -r .engine-backup ~/Documents/scw-telegram-feed
cd ~/Documents/scw-telegram-feed
npm install
# Recreate .env with: TELEGRAM_API_ID, TELEGRAM_API_HASH, GITHUB_TOKEN,
#   GITHUB_OWNER, GITHUB_REPO, GEMINI_API_KEY, BREVO_API_KEY, TELEGRAM_BOT_TOKEN
# Re-authenticate Telegram: node auth.js
# Deploy to Azure: ./deploy.sh

Step 5: Refresh LinkedIn Token

cd shimis-cyber-world
./refresh-linkedin.sh
# Then: echo 'PASTE_TOKEN' | gh secret set LINKEDIN_ACCESS_TOKEN

Step 6: Verify Everything Works

• Website loads at shimiscyberworld.com
• GitHub Actions workflows are enabled (Actions tab → Enable)
• Feed engine is running on Azure (az container show --name scw-feed-engine --resource-group scw-rg)
• Run LinkedIn poster manually: Actions → “Daily LinkedIn Post” → Run workflow
• Run weekly enrichment manually: Actions → “Weekly Content Enrichment” → Run workflow
• Check Telegram bot: t.me/Shimiscyberworldbot → /start

7. LinkedIn Token Lifecycle

• Duration: 60 days from generation
• Current token: Generated April 9, 2026 → Expires ~June 8, 2026
• Alert system: Daily check via linkedin-token-check.mjs → Brevo email at ≤7 days
• Refresh procedure:
  1. Run ./refresh-linkedin.sh on your Mac
  2. Browser opens → click “Allow” on LinkedIn
  3. Copy the printed LINKEDIN_ACCESS_TOKEN value
  4. Run: echo 'TOKEN' | gh secret set LINKEDIN_ACCESS_TOKEN
• LinkedIn Dev App: “SCW Auto Poster” at linkedin.com/developers
• Scopes: w_member_social, openid, profile

8. Monetization Channels

9. Key Links