OSINT for the Blue Team: Monitoring Your Own Attack Surface

Defensive OSINT: Seeing Through the Attacker’s Eyes

We often think of Open Source Intelligence (OSINT) as a tool for red teamers and private investigators. But for a Blue Teamer, OSINT is the most cost-effective way to find Shadow IT and leaked data before it’s too late.

1. Shodan/Censys for Your IP Range

Don’t wait for your own internal scan to find that “temporary” Proxmox node you exposed to the internet last week. Set up alerts on Shodan or Censys for your public IP ranges. If a port opens, you should know within minutes. ...

February 12, 2026 · 2 min · RicanWarfare

Exploiting Local LLMs: Prompt Injection in the Lab

The Local Brain: Security Risks of Self-Hosted AI

As we move toward running powerful models like Llama 3 or Gemini local-first in our homelabs, we’re introducing a new class of vulnerabilities. The most dangerous among them? Prompt Injection.

What is Prompt Injection?

At its core, prompt injection is a “jailbreak” where an attacker provides input that overrides the model’s original system instructions. In a local lab environment, this usually takes the form of Indirect Prompt Injection. ...

February 12, 2026 · 2 min · RicanWarfare

AI in the Shadows: The Rise of Offensive LLMs

Red Teaming in the Age of Autonomy

We’ve all seen what LLMs can do for productivity. But in the hands of a skilled offensive security professional, these models become a force multiplier that we haven’t seen since the release of Metasploit.

The Good, The Bad, and The Automated

1. Phishing at Scale

The days of “broken English” phishing emails are over. LLMs can generate perfectly tailored, context-aware emails in any language, mimicking the tone and style of a specific executive with terrifying accuracy. ...

February 12, 2026 · 2 min · RicanWarfare

Zero Trust: Why Your Network Perimeter is a Lie

The Death of the Perimeter

The old way of thinking was simple: build a giant wall (firewall) around your network. Anything inside the wall is trusted, and anything outside is untrusted. We call this the Castle-and-Moat strategy. The problem? Once an attacker gets inside (via phishing, a stolen VPN credential, or a vulnerable printer), they have free rein to move laterally across your entire network.

Enter Zero Trust

Zero Trust isn’t a single product; it’s a mindset. The core philosophy is: Never Trust, Always Verify. ...

February 12, 2026 · 2 min · RicanWarfare

Homelab Security: Hardening Proxmox and LXCs

Hardening the Lab: Proxmox & LXC Edition

Running a homelab is the best way to learn, but it also increases your local attack surface. If you’re running Proxmox VE, you’re sitting on a powerful hypervisor that needs more than just a strong password.

1. Disable the Enterprise Repository

Unless you’re paying for a subscription, the enterprise repo will give you persistent errors. Switch to the no-subscription repository to keep your system updated. ...

February 12, 2026 · 2 min · RicanWarfare