Solving the XLMRat Blue team challenge

A blue-team walkthrough of the CyberDefenders XLMRat challenge: tracing the first-stage download URL and hosting provider from the PCAP, hashing the loader and executable payloads, and identifying the malware family and the LOLBin used for stealthy execution.

June 28, 2025 · 6 min
Billion-dollar brains: the real cost of AI

The hidden cost behind AI-assisted coding: the GPUs, power, and data-center infrastructure that make it work, whether current pricing reflects real demand, why providers lose money at scale, and what that means for you.

May 26, 2025 · 4 min
Solving the BlueSky Ransomware Blue team challenge

A blue-team walkthrough of the CyberDefenders BlueSky ransomware challenge: analyzing the PCAP to find the port-scan source IP, the targeted account, C2 process injection, the downloaded payload, and the registry keys used to disable Windows Defender.

May 18, 2025 · 11 min
Solving the DanaBot Blue team challenge

A blue-team walkthrough of the CyberDefenders DanaBot challenge: using the PCAP and threat intel to trace the initial-access IP, identify the malicious files and their SHA-256/MD5 hashes, and determine the process used to execute the banking trojan.

May 4, 2025 · 5 min
The unboring NIST SP 800-190

Practical, non-boring takeaways from NIST SP 800-190 for container security: image scanning and vulnerability management, controlled image provenance, least-privilege runtime restrictions, network segmentation, runtime threat detection, and host-OS hardening.

March 18, 2025 · 3 min
A convenient homelab SSH jumphost (without the drama)

Building a homelab SSH jumphost that lets you pick any server from a fuzzy-finder (fzf) menu by friendly name instead of memorizing IPs, including the select-host script, autoload on login, and SSH key management.

March 8, 2025 · 5 min
Proxmox firewall layers in simple terms

A clear, visual explanation of the Proxmox VE firewall and its three layers (datacenter, node, and VM/container), how rules are matched in practice, and how to configure it on a single-node setup.

January 19, 2025 · 6 min

Passkeys – the future of secure authentication

What passkeys are and why they are more secure and convenient than passwords: how public-key authentication works, its security and usability advantages, and a quick guide to start using passkeys on iPhone and Mac.

December 2, 2024 · 4 min
Say “yes” to SBOMs!

Why software bills of materials (SBOMs) matter for security teams, managers, and developers, how to win management buy-in, and a short hands-on demo generating an SBOM in a GitLab CI pipeline.

November 22, 2024 · 8 min
Is my business secure? First look at the SAMM framework

A first look at OWASP SAMM for answering “is my business secure?”: why the answer is hard for small businesses, what SAMM covers, its maturity levels, and where to start implementing it.

April 9, 2024 · 8 min