A living Cyber Threat Intelligence knowledge base. Raw notes are automatically structured, MITRE-mapped, and published here. Start with CTI fundamentals or jump into the 2024 threat landscape.
Recent CTI Drops
scope-recon: A Rust-Based Multi-Source IP Threat Intelligence Tool
scope-recon is a Rust binary that queries 12 threat intelligence sources in parallel and renders verdicts in a terminal UI, with optional LLM-synthesized threat assessments.
scope-recon: A Rust-Based Multi-Source IP Threat Intelligence Tool
A detailed technical walkthrough of scope-recon, a Rust tool that aggregates IP threat intelligence from 11 concurrent API sources, including its async architecture, TUI design, verdict logic, cache system, and API key security practices.
About
How Nethound is built — the automated pipeline, dark-server hosting architecture, and contact.
Sovereign Dark Server: Zero Inbound Exposure VPS Architecture
A structured implementation guide for building a VPS with no publicly reachable inbound ports, using kernel hardening, localhost service binding, and Cloudflare Tunnel as the sole ingress path.
Operational Security (OPSEC): Fundamentals, Countermeasures, and Case Study
A comprehensive reference covering the OPSEC process, cryptographic controls, physical security, secure communications architecture, and a forensic breakdown of OPSEC failures in the BreachForums case.
Graph View
tap to load graph