Posts

Showing posts from October, 2025

Put a safety on that toggle! Automating SAFE Dynamic Mitigation

Image
How to Build tuned Profiles for Dynamic Linux Kernel Mitigations dynamic mitigation functionality was created by AMD engineer David Kaplan, linked here is an article discussing it The recent introduction of "Dynamic Mitigations" for the Linux kernel provides a powerful new capability: the ability to enable or disable CPU security mitigations at runtime without a reboot. This is managed by writing to a special file at /sys/devices/system/cpu/mitigations . While you can do this manually with a simple echo command, a more robust and manageable approach is to use the tuned daemon. tuned is a system service designed to switch between performance profiles, making it the perfect tool for this job. This guide will show you how to create custom tuned profiles to easily manage your system's security and performance posture. ​ Start Somewhere : Create a Custom tuned Profile Creating a custom profile is straightforward. First, you need to create a new directory for...

Spiderfoot OSINT Scan for Reporting

Image
In any Open Source Intelligence (OSINT) investigation, you're faced with two major challenges: collection and analysis . First, how do you gather thousands of data points about a target securely and efficiently? Second, how do you make sense of that mountain of data without spending days manually sifting through it? This post details my modern workflow that solves both problems. I use Kasm Workspaces for a secure, isolated environment, run the powerful SpiderFoot tool to collect the data, and then feed the results to Gemini to create an instant, comprehensive "target primer." Part 1: The Platform - Kasm Workspaces As I've mentioned in my previous post, all my cybersecurity work starts in Kasm Workspaces . For OSINT, this is non-negotiable. Why? Anonymity & Isolation: When I run a SpiderFoot scan, all the network requests (DNS lookups, web scraping, etc.) originate from my server's IP, not my loc...

Kasm Workspace Server

Image
In the world of cybersecurity, having a flexible, secure, and isolated lab environment is non-negotiable. Whether I'm conducting Open Source Intelligence (OSINT) investigations, diving into a Kali Linux instance, or exploring Parrot OS , I need my tools to be accessible from anywhere but completely locked down from the outside world. This post details my setup, which combines Kasm Workspaces for on-demand containerized environments with Cloudflare Zero Trust Tunnels for iron-clad security and authentication. Part 1: The Lab Itself - Kasm Workspaces First, let's talk about the lab environment. Kasm Workspaces is a container streaming platform. In simple terms, it lets me run entire operating systems and applications inside Docker containers and stream them directly to my web browser. This isn't a laggy VNC or RDP session; it's a fluid, high-performance experience that feels native. The real magic, especially for cybersecur...

bettercap Bluetooth hacking

Image
<h1>What is Bluetooth Low Energy (BLE) and how to hack it</h1> <p>Bluetooth Low Energy (BLE) is a part of the Bluetooth 4.0 specification which additionally also includes Classic Bluetooth and Bluetooth High Speed Protocols. Compared to classic Bluetooth, BLE is intended to use lesser power while maintaining a similar communication range. BLE is an 'always off' technology and only transmits short amounts of data when required. This significantly reduces power consumption, making it ideal to use in cases where a persistent long-term connection is required with a low data rate. BLE is perfect for a TV remote but not for a wireless media streaming device which needs a large amount of data to transmit.</p> <h2>How to Hack Bluetooth Low Energy (BLE)</h2> <p>By its concept, BLE is a simplified version of Bluetooth, which does not hop channels (does not change frequencies operating on), which facilitates sniffing and a man-in-the-m...