Posts

Current Project

Put a safety on that toggle! Automating SAFE Dynamic Mitigation

Image
How to Build tuned Profiles for Dynamic Linux Kernel Mitigations dynamic mitigation functionality was created by AMD engineer David Kaplan, linked here is an article discussing it The recent introduction of "Dynamic Mitigations" for the Linux kernel provides a powerful new capability: the ability to enable or disable CPU security mitigations at runtime without a reboot. This is managed by writing to a special file at /sys/devices/system/cpu/mitigations . While you can do this manually with a simple echo command, a more robust and manageable approach is to use the tuned daemon. tuned is a system service designed to switch between performance profiles, making it the perfect tool for this job. This guide will show you how to create custom tuned profiles to easily manage your system's security and performance posture. ​ Start Somewhere : Create a Custom tuned Profile Creating a custom profile is straightforward. First, you need to create a new directory for...

Spiderfoot OSINT Scan for Reporting

Image
In any Open Source Intelligence (OSINT) investigation, you're faced with two major challenges: collection and analysis . First, how do you gather thousands of data points about a target securely and efficiently? Second, how do you make sense of that mountain of data without spending days manually sifting through it? This post details my modern workflow that solves both problems. I use Kasm Workspaces for a secure, isolated environment, run the powerful SpiderFoot tool to collect the data, and then feed the results to Gemini to create an instant, comprehensive "target primer." Part 1: The Platform - Kasm Workspaces As I've mentioned in my previous post, all my cybersecurity work starts in Kasm Workspaces . For OSINT, this is non-negotiable. Why? Anonymity & Isolation: When I run a SpiderFoot scan, all the network requests (DNS lookups, web scraping, etc.) originate from my server's IP, not my loc...

Kasm Workspace Server

Image
In the world of cybersecurity, having a flexible, secure, and isolated lab environment is non-negotiable. Whether I'm conducting Open Source Intelligence (OSINT) investigations, diving into a Kali Linux instance, or exploring Parrot OS , I need my tools to be accessible from anywhere but completely locked down from the outside world. This post details my setup, which combines Kasm Workspaces for on-demand containerized environments with Cloudflare Zero Trust Tunnels for iron-clad security and authentication. Part 1: The Lab Itself - Kasm Workspaces First, let's talk about the lab environment. Kasm Workspaces is a container streaming platform. In simple terms, it lets me run entire operating systems and applications inside Docker containers and stream them directly to my web browser. This isn't a laggy VNC or RDP session; it's a fluid, high-performance experience that feels native. The real magic, especially for cybersecur...

bettercap Bluetooth hacking

Image
<h1>What is Bluetooth Low Energy (BLE) and how to hack it</h1> <p>Bluetooth Low Energy (BLE) is a part of the Bluetooth 4.0 specification which additionally also includes Classic Bluetooth and Bluetooth High Speed Protocols. Compared to classic Bluetooth, BLE is intended to use lesser power while maintaining a similar communication range. BLE is an 'always off' technology and only transmits short amounts of data when required. This significantly reduces power consumption, making it ideal to use in cases where a persistent long-term connection is required with a low data rate. BLE is perfect for a TV remote but not for a wireless media streaming device which needs a large amount of data to transmit.</p> <h2>How to Hack Bluetooth Low Energy (BLE)</h2> <p>By its concept, BLE is a simplified version of Bluetooth, which does not hop channels (does not change frequencies operating on), which facilitates sniffing and a man-in-the-m...

Belta.by as a RU cyber tool

Bel-TA: An Analysis of a Union State Information Warfare Asset Created by: n̷ y̷ l̷ a̷ r̷ Bel-TA: An Analysis of a Union State Information Warfare Asset I. Strategic Overview This report provides a comprehensive analysis of the Belarusian Telegraph Agency (BelTA), the state-owned national news agency of the Republic of Belarus. The assessment, based on open-source intelligence, concludes that BelTA is not a conventional media organization but a fully integrated instrument of state power. It operates as a primary tool for internal information control for the regime of Aleksandr Lukashenka and, of increasing strategic importance, functions as a forward-deployed asset within the information warfare doctrine of the Russia-Belarus Union State. BelTA's legal structure as a "republican unitary enterprise" solidifies its status as an arm of the Belarusian government, with a mandate to disseminate official narratives. Its leadershi...

Truth Social Analysis - Data Inputs : All registered IPs, OSINT spiderfoot scan containing 2600 data points plus relationship mapping

PLEASE KEEP IN MIND THESE ARE REPORTS RESULTING FROM OSINT TOOL SCANNING I PERSONALLY DO, A VARIETY OF MORE 'PERSONAL' SCANNING OF THE DOMAINS, THE DATA AGGREGATED AND SUPPLIED TO GEMINI PRO 2.5 WITH MY OWN PROMPTS. An Analysis of Truth Social: Technical Infrastructure, Financial Strategy, and Cybersecurity Posture I. Executive Summary This report provides a comprehensive analysis of the social media platform Truth Social and its parent entity, Trump Media & Technology Group (TMTG)[cite: 3. The investigation dissects the platform's technical architecture, examines the company's unconventional financial strategy, and assesses its cybersecurity framework[cite: 4. The findings reveal a significant paradox: while TMTG strategically positions Truth Social as an "uncancellable fortress of free speech" and pursues an ambitious, high-risk financial model centered on cryptocurrency, this posture is fundamentally undermined by a demonstrably weak and reactive c...