A
~/blog

The blog

Tutorials, knowledge-base reference, cheat sheets, and the occasional war story.

AI & Agents
AI & Agents·Jun 1

Openclaw: Building an Autonomous Offensive Security Agent

Openclaw is an agentic AI framework for offensive security operations. Here's how it works, what makes it different from tool-wrappers, and what defenders need to know.

automationred-teamopenclaw
Blue Team
Blue Team·Feb 14

SIEM Tuning: Reducing Alert Fatigue Without Missing Attacks

High alert volume drives analysts to ignore alerts, which lets real attacks go unnoticed,

detectionblue-teamsiem
Offensive Security
Offensive Security·Jan 8

Kerberoasting in 2026: What Still Works and What Doesn't

Kerberoasting was documented in 2014. It's 2026 and I'm still popping DA with it on

offsecactive-directoryred-team
Infrastructure
Infrastructure·Dec 3

HashiCorp Vault: Secrets Management for Modern Infrastructure

Every static credential is a liability that grows with time. It gets copied to laptops,

infrasecurityvault
Blue Team
Blue Team·Nov 20

Network Traffic Analysis with Zeek and Suricata

Endpoint logs tell you what happened on the host. Network logs tell you who the host

blue-teamzeeksuricata
Linux
Linux·Nov 5

LVM Snapshots for Incident Response: Forensic Disk Captures

When you're responding to an incident on a running Linux system, pulling the disk offline

linuxlvmforensics
Offensive Security
Offensive Security·Oct 30

Lateral Movement Techniques and How to Detect Them

Lateral movement is where most attackers spend the majority of their dwell time.

offseclateral-movementdetection
Infrastructure
Infrastructure·Oct 15

CI/CD Pipeline Security: Protecting Your Software Supply Chain

SolarWinds and XZ Utils taught us that the software supply chain is a primary target.

infrasecuritycicd
Linux
Linux·Sep 22

Bash Scripting Best Practices for Security Automation

Shell scripts run with the permissions of whoever calls them, inherit environment variables

linuxbashscripting
← Previous2 / 4Next →