Posts
Using Physical Security Keys with Slackware Linux
A short guide to configuring a YubiKey hardware security key on Slackware Linux by creating a udev rule with the correct idVendor, idProduct, group, and mode attributes.
Using OpenSSL and pfSense to sign a Subordinate Windows Enterprise Certificate Authority
This post explains how to use OpenSSL on pfSense to sign a Windows Enterprise Subordinate CA certificate signing request, including the openssl.conf setup and CRL distribution requirements.
Handcrafting Linux Shellcode
A tutorial on writing 32-bit Linux shellcode from scratch using NASM assembly, covering execve system call conventions, stack-based string construction, bad character avoidance, and opcode extraction.
Mounting NFS Shares in Windows Using Identity Mapping
A guide to mounting NFS shares on Windows 10 with read/write access using UID/GID identity mapping via local passwd and group files, improving on the less secure anonymous mount approach.
Tracking SSH Brute-force Logins with Splunk
This post demonstrates using Splunk field extraction and search queries to track SSH brute-force login attempts, identifying the top attacking usernames and source IP addresses via dashboards.
Raspberry Pi Centralized Log Server
A guide to configuring a Raspberry Pi as a centralized syslog server using rsyslog with per-host log files, log rotation, and forwarding configuration for syslog, rsyslog, and syslog-ng clients.
ELF Binary Disassembly
A detailed walkthrough of reverse engineering a 32-bit ELF binary by analyzing its objdump disassembly output in AT&T syntax, reconstructing stack frames, loops, and C source code from opcodes.
IBM M1015 9220-8i cross-flashed to LSI 9211-8i IT mode
A step-by-step guide to cross-flashing an IBM M1015 RAID card to LSI 9211-8i IT mode firmware using FreeDOS and UEFI, covering common errors and the BIOS/UEFI combination approach.
Scams in the Crypto Coin Space
This post exposes a Twitter-based Ethereum giveaway scam impersonating Binance, walking through the social engineering tactics and fake account indicators used by the fraudsters.
Running an Authoritative DNS Server
This post covers running a self-hosted BIND9 authoritative DNS server on FreeBSD, with examples of reconnaissance attempts seen in query logs and Splunk-based analytics.