All Posts
scope-recon: A Rust-Based Multi-Source IP Threat Intelligence Tool
scope-recon is a Rust binary that queries 12 threat intelligence sources in parallel and renders verdicts in a terminal UI, with optional LLM-synthesized threat assessments.
scope-recon: A Rust-Based Multi-Source IP Threat Intelligence Tool
A detailed technical walkthrough of scope-recon, a Rust tool that aggregates IP threat intelligence from 11 concurrent API sources, including its async architecture, TUI design, verdict logic, cache system, and API key security practices.
Sovereign Dark Server: Zero Inbound Exposure VPS Architecture
A structured implementation guide for building a VPS with no publicly reachable inbound ports, using kernel hardening, localhost service binding, and Cloudflare Tunnel as the sole ingress path.
Operational Security (OPSEC): Fundamentals, Countermeasures, and Case Study
A comprehensive reference covering the OPSEC process, cryptographic controls, physical security, secure communications architecture, and a forensic breakdown of OPSEC failures in the BreachForums case.
Cyber Attack Frameworks: The Kill Chain, Diamond Model, and MITRE ATT&CK
A structured reference covering the Lockheed Martin Cyber Kill Chain, the Diamond Model of Intrusion Analysis, and MITRE ATT&CK, illustrated with real-world case studies and adversary examples.
Building a Pocket-Sized CTI Hypervisor: Fedora, KVM, and 12TB NVMe on the Minisforum MS-A2
A setup guide for deploying a bare-metal Fedora KVM hypervisor on the Minisforum MS-A2 mini PC, covering hardware selection, Btrfs storage pool configuration, SELinux policy, and libvirt integration as the foundation for a CTI and malware analysis lab.
The Nethound CTI Lab: Building a High-Performance MISP and OpenCTI Intelligence Engine
A detailed deployment guide for integrating MISP and OpenCTI into a high-performance, solo CTI lab on Fedora 43, covering architecture, system tuning, ingestion pipelines, and operational troubleshooting.
Intelligence Collection Disciplines in CTI: HUMINT, SIGINT, IMINT, OSINT, and CYBINT
A structured reference covering the core intelligence collection disciplines—HUMINT, SIGINT, IMINT, MASINT, and OSINT—their adaptation to the cyber domain as CYBINT, and the legal and ethical frameworks governing their use.
Cyber Threat Intelligence: Foundations, Categories, and Defense Postures
A structured reference covering the core components, four intelligence categories, and the distinction between reactive and proactive cyber defense within a CTI framework.
2024 Cyber Threat Landscape: Key Trends, Attack Vectors, and CTI Implications
A structured analysis of the 2024 cyber threat landscape covering regional attack volume trends, sector-specific vulnerabilities, and four primary attack vectors with associated CTI roles.