macOS Hardening: Lockdown Mode, MDM and Attack Surface Reduction
Defensive configurations on Apple Silicon for journalists, activists and researchers facing well-funded state or commercial adversaries.
How Basilisk ships cosign, SLSA, and CycloneDX across real pipelines to blunt SolarWinds-style attacks, XZ Utils backdoors, and dependency confusion.
How to build an air-gapped lab with FlareVM and REMnux for reverse engineering real samples without contaminating your network or burning IOCs.
Technical breakdown of protocols, metadata and threat models for Signal, SimpleX and Session, with practical selection criteria per scenario.
Honest technical breakdown of how public AMSI and ETW bypasses work, and how defenders can harden Windows telemetry without looking foolish.
Hands-on SQLi demo with sqlmap in your own lab, focused on defensive detection and parameterized fixes that actually hold up against production traffic.
We reproduce three classic lateral movement techniques in GOAD and show how to turn each one into a Sigma rule the blue team can actually use.
Before a stalker, hostile recruiter, or data broker finds you, do the work yourself. Maltego and Spiderfoot turn public fragments into a personal attack map.
Modern SSH configuration with an internal CA, resistant algorithms and auditable bastion hosts to shrink the attack surface in corporate environments.
Hands-on technical procedure to cut your exposure on Brazilian data brokers, social media and public records before a doxxer does it for you.
We replayed three classic initial access vectors inside a sealed Windows 11 lab to see what the EDR actually logs and where detection quietly falls apart.
How to encrypt disks with LUKS2 and VeraCrypt and build verified 3-2-1 backups, with a recovery plan tested in the lab.
How to apply STRIDE to a real payments microservice inside a two-week sprint, with a clean DFD, prioritized threats, and actionable mitigations.
Hands-on guide to building an isolated web pentest lab with DVWA, Juice Shop and Burp Suite configured under clear legal and safety rules.
Passkeys kill phishing and MFA fatigue, but a sloppy migration locks legitimate users out. Plan fallback, devices and roaming with no holes.
Battle-tested Windows 11 hardening recipe with ASR, Credential Guard, AppLocker and WDAC deployed across Basilisk offensive analyst laptops.
How to apply the CIS Benchmark on production Debian and Ubuntu hosts by validating each control, measuring impact, and keeping SLA intact without an all-night rollback.
How to bypass upload validations in your own lab, map the bug classes, and harden web servers against RCE via malicious file uploads.
How Basilisk collects evidence on macOS Sonoma and Sequoia using UnifiedLogs, FSEvents and AULR without trampling the incident scene.
Ethical SSRF reproduction against IMDS using LocalStack, with real payloads, simulated credential theft and definitive mitigation via IMDSv2.
Technical memory analysis workflow with Volatility 3, sandbox-reproduced dumps and cross-validation against Rekall and MemProcFS.
How to build self-sovereign crypto custody using a hardware wallet, BIP39 passphrase and metal backup designed against phishing and physical attacks.
How the Basilisk team isolates browsers, PDF readers and risky tools on Linux desktops using audited, reproducible sandbox profiles.
Spinning up an air-gapped Sliver C2 is not hacker theater: it is how blue teams learn to detect what they will face tomorrow. Hands-on technical walkthrough.
Ethical Kerberoasting walkthrough on Game of Active Directory: TGS capture, offline crack with hashcat, and detection via Event ID 4769.
Defensive playbook for people with public profiles: from threat modeling to digital hygiene, with tools battle-tested in the field.
How to turn attack hypotheses into Sigma rules tested in Elastic, with a reproducible lab validation pipeline.
A pentest is not a red team. Learn scope, ROE, objectives, and why ethical discipline defines whether an adversarial engagement actually delivers value.
Hands-on methodology for testing REST and GraphQL APIs in authorized programs, focused on IDOR, authentication bypass and malicious introspection.
Three XSS flavors dissected in a sandbox with payloads, exploitation flow, and mitigations via strict CSP, Trusted Types and DOMPurify sanitization.
Building super-timelines of a compromised Windows 11 test VM, with KAPE for triage collection and Plaso parsing 200+ artifacts.
Tor is not an invisibility cloak. Where the network truly protects, where traffic correlation breaks anonymity, and how to use it sensibly in 2026.
How Basilisk uses Caldera, Atomic Red Team and MITRE ATT&CK to simulate real TTPs in a closed lab and measure SOC maturity without breaking production.
How to remove metadata that leaks identity, GPS and authorship from images, PDFs and Office documents before publishing online.
How to get real value out of NSE for authorized enumeration on simulated internal networks, with script examples, output parsing, and pentest pipeline integration.
From audit2allow forensics to versioned policy modules running in production, without falling into permanent permissive mode.
How to pivot across VLANs using Chisel and Ligolo-ng in a controlled lab, and which artifacts the blue team can capture to detect the reverse tunnel.
How to keep personas, browsers and devices actually isolated by closing the metadata leaks that destroy any separation within minutes.
How Basilisk OffSec rolls out AppSec gradually, measuring developer friction and avoiding the permanently red pipeline nobody bothers to read.
Production-ready KQL queries for Microsoft Defender and Sentinel to hunt LOLBin abuse from rundll32, mshta, and certutil in real environments.
How the Basilisk team runs live triage on compromised Linux hosts using UAC and Velociraptor without destroying volatile evidence.
How registry policies, lockfiles and scoping block malicious packages before they hit the build. Hands-on technical guide from the Basilisk team.
How to integrate adversarial emulation with the SOC, close detection gaps in short sprints, and turn exercises into versioned Sigma rules.
Technical comparison of Tails, Whonix and Qubes OS with objective criteria around threat model, compartmentalization and operational cost to pick the right OS.
How the Basilisk team collects evidence from pods, runtime, and control plane after a suspected incident in production Kubernetes clusters.
Defensive catalog of 10 Windows persistence mechanisms with ready-to-run KQL hunting queries and hardening measures any SOC can deploy this week.
Before you install Tails, Qubes or Signal, draw your individual threat model. Skip it and you are just stacking tools and burning effort in the wrong place.
How direct syscalls actually work in controlled defensive study, why they remain detectable, and what blue teams should look for before buying the next black box.
How written-scope red team engagements use GoPhish, build believable templates, and why firing a campaign without authorization ends careers.
End-to-end setup for dynamic analysis of your own APKs using Frida, MobSF, and Genymotion, with hands-on hooks and a technical checklist.