Posted inSecurity
Automating Infrastructure Security: A Hands-On Guide to Nuclei
Ditch the manual security audits. Learn how to use Nuclei to automate vulnerability scanning on your Linux servers with community-verified templates.
Posted inNetworking
Stop the ‘Open Port’ Risk: Building 802.1X Wired Security with FreeRADIUS
Secure your organization's physical network ports. This guide shows you how to use 802.1X and FreeRADIUS to authenticate devices before granting network access.
Posted inSecurity
Ditch Static Secrets: A Practical Guide to GitHub Actions OIDC
Ditch the risk of long-lived AWS and GCP access keys. This guide shows you how to implement OIDC in GitHub Actions to secure your CI/CD with short-lived, self-destructing tokens.
Posted inDevOps
Kubernetes Secrets in Git: A Field Guide to Bitnami Sealed Secrets
Store Kubernetes secrets safely in Git. This guide covers implementing Bitnami Sealed Secrets, from installation to production disaster recovery strategies.
Posted inSecurity
Hunting BOLA: How to Audit Your API Security with OWASP ZAP
BOLA is the top risk for modern APIs. Discover how to use OWASP ZAP to automate your security testing, find authorization bugs, and harden your code.
Posted inLinux
Kernel Live Patching: Fix Linux Vulnerabilities Without the Reboot Nightmare
Reboots cause downtime and stress. Learn how to use ftrace and Canonical Livepatch to secure your Linux kernels in real-time without dropping a single connection.
Posted inLinux
Secure Boot on Linux: How I Signed My Own Kernel to Kill Bootkits
A hands-on guide to configuring Secure Boot and signing custom Linux kernels using Machine Owner Keys (MOK) to block boot-level threats.
Posted inHomeLab
LLDAP on Docker: Centralize Your HomeLab Logins Without the Bloat
Stop managing 20 different passwords for your HomeLab. Learn how to set up LLDAP on Docker—a high-performance, low-memory solution for centralizing your logins.
Posted inSecurity
Centralizing Vulnerability Management: A Practical Guide to DefectDojo, Trivy, and Semgrep
Streamline your security workflow by centralizing findings from Trivy, Nmap, and Semgrep. This guide walks you through setting up DefectDojo and automating your vulnerability management.
Posted inSecurity
Masking PII in System Logs: A Fluent Bit Guide to Redacting Emails, IPs, and Passwords
Leaking PII in system logs is a major compliance risk. This guide shows you how to use Fluent Bit's modify and Lua filters to mask emails, IPs, and passwords at the source.