Bridging the Semantic Gap: Agentless Runtime Detection via Hypervisor TrapsA reference architecture for monitoring agent-hostile VMs using LibVMI and Wazuh.Jun 21, 2026·20 min read
Data Exfiltration in Modern Environments: A Comprehensive Threat and Defense HandbookSep 10, 2025·41 min read
Istio Service Mesh Security: Best Practices, Misconfigurations, and Real-World DeploymentAug 21, 2025·29 min read
Attackers Love Your YAML: Static Kubernetes Security Analysis for DevSecOpsShift left, stay secure: Identifying and fixing the most dangerous Kubernetes misconfigurations in CI/CD.Jun 30, 2025·15 min read
Offensive Container Security: Techniques, Misconfigurations, and Attack PathsExplore real-world misconfigurations, container escape techniques, Kubernetes privilege escalation, CI/CD attack vectors, and persistent threats.May 17, 2025·15 min read
Cloudflare Security: Addressing Image Resizing Misconfiguration & RiskIdentifying Vulnerabilities and Implementing Robust Security Measures for Cloudflare's Image Resizing Function Introduction: During a recent penetration test for one of my clients, I discovered a significant vulnerability related to Cloudflare’s imag...Jul 4, 2024·3 min read
Offensive Kubernetes: Pentesting from the InternetStrategies and Techniques for Identifying and Mitigating External Threats to Your Kubernetes ClusterJun 30, 2024·4 min read
Exposed: A Real-World Case Study of PII Data LeakThe Dark Side of Data, Revealing a Chilling PII Data ExposureJun 9, 2024·3 min read
Breaking Point: How Browser Breakpoints Can Unmask Encryption and Compromise SecurityUnveiling the Risks of Client-Side Encryption: Insights and RemediationMay 7, 2024·6 min read
