Article Archive
This archive contains 162 exported Medium articles converted into Docusaurus pages inside the 1200km.com ecosystem.
- Preserved images/screenshots/infographics: 1712
- Preserved code/configuration blocks: 3011
- Images are referenced from their original Medium CDN URLs so covers and inline screenshots render without lossy local recompression.
Articles by Year
2026
- CTI Analyst Field Manual — Complete Reference - 2026-05-18 | CTI | 72 image(s) | 50 code block(s)
- Customer-Driven AI CTI Project - 2026-05-13 | CTI | 17 image(s) | 0 code block(s)
- Customer-Driven AI CTI Project Template. Part 2A: Phase-by-Phase Execution Guide - 2026-05-12 | CTI | 25 image(s) | 37 code block(s)
- Customer-Driven AI CTI Project Template: Part 2B: Reference Toolkit - 2026-05-12 | CTI | 1 image(s) | 70 code block(s)
- Customer-Driven AI CTI Project Template. Part 1: Foundations - 2026-05-11 | CTI | 29 image(s) | 18 code block(s)
- Applying Sherman Kent’s Analytic Discipline to CTI: A Practical Analyst Guide - 2026-05-10 | CTI | 14 image(s) | 1 code block(s)
- CTI Kill Chain: An Analyst Guide With Real-World Evidence - 2026-05-09 | CTI | 11 image(s) | 1 code block(s)
- CTI-Led Defensive Strategy for a Cellular Provider (Case Study) - 2026-05-09 | CTI | 20 image(s) | 53 code block(s)
- Manual CTI vs. AI-Assisted CTI: A Step-by-Step Clock Comparison - 2026-05-08 | CTI | 10 image(s) | 7 code block(s)
- Attack Playbook — Operation DragonRx - 2026-05-04 | CTI | 58 image(s) | 104 code block(s)
- APT41 Targeting Pharmaceutical Sector: Log4Shell to Domain Compromise - 2026-05-02 | CTI | 18 image(s) | 23 code block(s)
- Lab Architecture — Operation DragonRx - 2026-05-02 | CTI | 10 image(s) | 28 code block(s)
- AI Offensive Security: Practical Attacks Against LLM Agents - 2026-04-29 | CTI | 19 image(s) | 37 code block(s)
- Vulnerable AI Lab - 2026-04-28 | CTI | 23 image(s) | 57 code block(s)
- CTI Research: Kubernetes & Cloud-Native Threat Landscape - 2026-04-25 | CTI | 22 image(s) | 28 code block(s)
- Detecting Malicious Insider Activity: A Technical Detection Engineering Guide - 2026-04-22 | CTI | 32 image(s) | 0 code block(s)
- Malicious Activity as a Statistical Signal: A Detection Engineering Analysis of Anomaly-Based… - 2026-04-20 | CTI | 44 image(s) | 11 code block(s)
- What AI-Assisted Offensive Work Actually Means for Your Detection Program: A Practitioner’s… - 2026-04-18 | CTI | 14 image(s) | 0 code block(s)
- From Threat Intelligence to Detection: A Practitioner’s Guide - 2026-04-14 | CTI | 22 image(s) | 31 code block(s)
- AI in Offensive Operations: How Threat Actors Use Artificial Intelligence - 2026-04-12 | CTI | 22 image(s) | 0 code block(s)
- Android APK Vulnerability Research Complete Guide - 2026-04-08 | CTI | 18 image(s) | 89 code block(s)
- Deliberately Vulnerable Android App Covering Every OWASP Mobile Top 10 Class - 2026-04-08 | CTI | 2 image(s) | 30 code block(s)
- Android Emulation & Virtualisation - 2026-04-07 | CTI | 24 image(s) | 47 code block(s)
- Building an Android App Analysis Lab on Ubuntu: A Practical Setup Guide - 2026-04-06 | CTI | 13 image(s) | 21 code block(s)
- Android APK Analysis Tool: AI-Powered Static Malware Analysis in Your Terminal - 2026-03-30 | CTI | 10 image(s) | 17 code block(s)
- Android Malware Analysis: A Practical Guide for Security Analysts - 2026-03-30 | CTI | 30 image(s) | 93 code block(s)
- CVSS v4.0: The Practical Field Guide for Vulnerability Management - 2026-03-24 | CTI | 31 image(s) | 53 code block(s)
- Infrastructure Pivoting: How CTI Analysts Expand From a Single IOC to a Full Attacker Network - 2026-03-21 | CTI | 26 image(s) | 58 code block(s)
- Attribution Methodology: How to Build, Defend, and Challenge a Threat Actor Attribution - 2026-03-20 | CTI | 11 image(s) | 9 code block(s)
- ATT&CK as a Working Tool: Theory and Hands-On Practical Usage - 2026-03-19 | CTI | 40 image(s) | 29 code block(s)
- Navigate My Blog: All Articles by Topic - 2026-03-16 | CTI | 6 image(s) | 0 code block(s)
- AI-Powered Malware Debugger That Explains Every Function It Sees - 2026-03-14 | CTI | 9 image(s) | 25 code block(s)
- StratusAI: I Built an AI-Powered Cloud Security Scanner for AWS and GCP — Here’s Everything - 2026-03-14 | CTI | 9 image(s) | 116 code block(s)
- Building a Vulnerable Cloud Pentest Lab with Terraform - 2026-03-13 | CTI | 6 image(s) | 41 code block(s)
- Building a Dockerized AI-Powered Host Vulnerability Assessment Tool - 2026-03-11 | CTI | 8 image(s) | 44 code block(s)
- CTI Research: MuddyWater/Seedworm (Mango Sandstorm) - 2026-03-09 | CTI | 10 image(s) | 0 code block(s)
- CTI Research: Sandworm / APT44 - 2026-03-07 | CTI | 10 image(s) | 0 code block(s)
- CTI Research: Handala Hack Group (aka Handala Hack Team) - 2026-03-06 | CTI | 14 image(s) | 0 code block(s)
- Basic Static Malware Analysis: From Triage to Unpacking — Explained and Automated - 2026-03-01 | CTI | 3 image(s) | 51 code block(s)
- Unpacker: A Practical Guide to Modular Malware Packer Detection and Unpacking - 2026-02-28 | CTI | 4 image(s) | 24 code block(s)
- A Practical Guide to String Analyzer: Extract and Analyze Strings from Binaries (Without the… - 2026-02-26 | CTI | 4 image(s) | 10 code block(s)
- PE Import Analyzer: A Practical Guide for Malware Analysts and Reverse Engineers - 2026-02-26 | CTI | 3 image(s) | 6 code block(s)
- One Tool to Rule Them All: File Metadata & Static Analysis for Malware Analysts and SOC Teams - 2026-02-21 | CTI | 7 image(s) | 16 code block(s)
- The Complete Guide to AI-Driven Penetration Testing: Cursor, MCP, and the Modern PT Workflow - 2026-02-19 | CTI | 1 image(s) | 1 code block(s)
- Build a Vulnerable IIS SharePoint Lab with Fluent Bit: Complete Deployment Guide - 2026-02-13 | CTI | 1 image(s) | 29 code block(s)
- Kubernetes Logging and Monitoring: Complete Guide - 2026-02-11 | CTI | 9 image(s) | 28 code block(s)
- GCP Penetration Testing: A Step-by-Step Attack Guide - 2026-02-09 | CTI | 5 image(s) | 36 code block(s)
- Welcome to the New Era: When a Teenager Can Crash Your Company in Minutes - 2026-02-06 | CTI | 1 image(s) | 0 code block(s)
- ⚠️ WARNING: I Just Built Real Malware by using just human language prompts! - 2026-02-05 | CTI | 8 image(s) | 22 code block(s)
- My lab: - 2026-02-04 | Cloud & Kubernetes | 0 image(s) | 0 code block(s)
- One-Prompt AI-Powered Black-Box Kubernetes Penetration Test - 2026-02-04 | CTI | 1 image(s) | 28 code block(s)
- Black-Box Kubernetes Penetration Testing Playbook - 2026-02-03 | CTI | 30 image(s) | 49 code block(s)
- Building a Vulnerable Kubernetes Lab: A Complete Guide to 25 Critical Security Issues - 2026-02-02 | CTI | 6 image(s) | 78 code block(s)
- A Complete Cloud Penetration Testing Walkthrough - 2026-01-31 | CTI | 14 image(s) | 27 code block(s)
- AI-Assisted Web and Cloud Penetration Testing with Cursor + MCP HexStrike and Burp Suite MCP. - 2026-01-31 | CTI | 5 image(s) | 44 code block(s)
- Building a Vulnerable GCP Pentest Lab with Terraform - 2026-01-29 | CTI | 18 image(s) | 96 code block(s)
- Cursor + Hexstrike. Fully Automated ADCS ESC8 Attack - 2026-01-29 | CTI | 1 image(s) | 8 code block(s)
- ADCS ESC8 Attack: Certificate-Based Domain Compromise — Complete Guide - 2026-01-28 | CTI | 19 image(s) | 37 code block(s)
- AI-Driven Black Box Active Directory Penetration Testing - 2026-01-27 | CTI | 1 image(s) | 7 code block(s)
- Active Directory Penetration Testing - 2026-01-26 | CTI | 27 image(s) | 47 code block(s)
- Hi! Two of my articles have been in pending status for the past few days. - 2026-01-25 | Security Research | 0 image(s) | 0 code block(s)
- Active Directory Lab for PenTest. Manual Deployment Guide - 2026-01-24 | CTI | 14 image(s) | 32 code block(s)
- Deploy a Complete Active Directory PenTest Lab in One Prompt with Cursor AI - 2026-01-23 | CTI | 13 image(s) | 32 code block(s)
- The AI Revolution in Offensive Security - 2026-01-19 | CTI | 14 image(s) | 0 code block(s)
- The One-Prompt PT Lab: Autonomous Android Security Research with Cursor AI - 2026-01-17 | CTI | 2 image(s) | 64 code block(s)
- Hacker Tool Development Workflow: Android Rubber Ducky Payloads in Cursor AI - 2026-01-16 | CTI | 7 image(s) | 19 code block(s)
- Building a USB Rubber Ducky with Arduino Leonardo with Cursor. - 2026-01-15 | CTI | 3 image(s) | 3 code block(s)
- HexStrike + Cursor for OSINT: From One Email to a Full Exposure Map - 2026-01-11 | CTI | 1 image(s) | 2 code block(s)
- HexStrike + Cursor (MCP): From Single Target → Full Subnet Compromise (Lab PT Walkthrough) - 2026-01-08 | CTI | 3 image(s) | 3 code block(s)
- Building an Extremely Vulnerable Ubuntu 24.04 Server Lab (Bonus: Full PT with Hexstrike) - 2026-01-06 | CTI | 4 image(s) | 16 code block(s)
- Building an Extremely Vulnerable Windows 10 Lab: A Step-by-Step Guide (Bonus: Full PT with… - 2026-01-05 | CTI | 6 image(s) | 36 code block(s)
- HexStrike + Gemini. AI-Assisted SMB Exposure Credential Brute-Force - 2026-01-05 | CTI | 7 image(s) | 2 code block(s)
- HexStrike + Gemini. AI-Assisted SSH Credential Brute-Force - 2026-01-04 | CTI | 4 image(s) | 1 code block(s)
- HexStrike+OpenAI Codex. AI-Driven Exploitation of Metasploitable. - 2026-01-03 | CTI | 8 image(s) | 8 code block(s)
- Burp Suite MCP + Gemini CLI - 2026-01-02 | CTI | 6 image(s) | 4 code block(s)
2025
- HexStrike MCP Orchestration with Ollama: Ubuntu Host, Kali VM, SSH Bridging, and Performance… - 2025-12-31 | CTI | 15 image(s) | 22 code block(s)
- AI-Driven Office Documents Password Recovery with HexStrike-AI and Gemini-CLI - 2025-12-29 | CTI | 8 image(s) | 3 code block(s)
- AI-Driven PDF Password Recovery with HexStrike-AI and Gemini-CLI - 2025-12-29 | CTI | 8 image(s) | 3 code block(s)
- HexStrike + Gemini vs. HackerAI: “Ops Copilot” vs. “Chatbot with Tools” - 2025-12-26 | CTI | 2 image(s) | 0 code block(s)
- AI-Driven ZIP Password Recovery with HexStrike-AI and Gemini-CLI - 2025-12-25 | CTI | 6 image(s) | 8 code block(s)
- HexStrike-AI: A Force Multiplier for Red Teams — and a Dangerous Shift in the Threat Landscape - 2025-12-25 | CTI | 1 image(s) | 0 code block(s)
- AI-Driven Wireless Penetration Testing. One Prompt WIFI cracking - 2025-12-24 | CTI | 9 image(s) | 4 code block(s)
- Integrating Shodan with HexStrike-AI Using Gemini-CLI - 2025-12-23 | CTI | 2 image(s) | 8 code block(s)
- AI-Driven Web Application Pentesting with HexStrike-AI - 2025-12-22 | CTI | 8 image(s) | 5 code block(s)
- AI-Driven Pentesting at Home: Using HexStrike-AI for Full Network Discovery and Exploitation - 2025-12-21 | CTI | 3 image(s) | 5 code block(s)
- HexStrike AI: Install, Configure, and Run MCP with Gemini, OpenAI, Cursor, Llama - 2025-12-18 | CTI | 28 image(s) | 26 code block(s)
- Endpoint Threat Hunting: Proactive Detection on Windows, Linux, and macOS - 2025-12-14 | CTI | 1 image(s) | 6 code block(s)
- Protocol-Level Network Threat Hunting: A Wireshark-Centric Guide - 2025-12-12 | CTI | 12 image(s) | 9 code block(s)
- Correlation-Based Detection Rules in Cybersecurity: From Atomic Events to Behavioral Insight - 2025-12-02 | CTI | 1 image(s) | 3 code block(s)
- Single-Event Detection Rules in Cybersecurity - 2025-12-01 | CTI | 19 image(s) | 0 code block(s)
- Enhancing Penetration Testing with HackerAI: Step-by-Step Guide (Metasploitable Lab) - 2025-11-26 | CTI | 14 image(s) | 16 code block(s)
- Getting More from Burp Suite with LLMs - 2025-11-25 | CTI | 4 image(s) | 18 code block(s)
- Reinventing Recon: Nmap Meets ChatGPT - 2025-11-24 | CTI | 3 image(s) | 3 code block(s)
- SpiderFoot Deep Dive: Installation, Scans, and Practical Use Cases - 2025-11-23 | CTI | 10 image(s) | 4 code block(s)
- Cloud-Native Security Threats, Attacks, and Detection Strategies - 2025-11-07 | CTI | 1 image(s) | 0 code block(s)
- Deploying Fluent Bit as a Windows Service for Centralized Log Forwarding - 2025-11-02 | CTI | 7 image(s) | 11 code block(s)
- The Atomic Standard: A Practitioner’s Compendium for Single-Event Threat Detection - 2025-11-01 | CTI | 1 image(s) | 0 code block(s)
- Meet syscheck_beauty: a colorful Linux system report with deep storage insights (and exportable… - 2025-10-20 | CTI | 3 image(s) | 12 code block(s)
- Augmenting Digital Forensics with AI: How ChatGPT Transforms Investigation Workflows - 2025-10-19 | CTI | 4 image(s) | 1 code block(s)
- Automating a Safe DVWA Lab with Ansible: Build a Reproducible Vulnerable Environment for Training… - 2025-10-18 | CTI | 4 image(s) | 23 code block(s)
- The Invisible Pipeline: Defending CI/CD from Targeted Attacks - 2025-10-14 | CTI | 1 image(s) | 3 code block(s)
- Villager: The AI-Powered Penetration Testing Framework - 2025-10-13 | CTI | 2 image(s) | 0 code block(s)
- From Bugs to Breaches: Learning Secure Coding Through the OWASP Top 10 - 2025-08-31 | CTI | 2 image(s) | 24 code block(s)
- The 20x Employee: A Strategic Framework for Unlocking Hyper-Productivity with Artificial… - 2025-08-01 | CTI | 7 image(s) | 0 code block(s)
- Quick‑Start Server Hardening Checklist (all open‑source) - 2025-07-27 | CTI | 4 image(s) | 20 code block(s)
- Information Security Awareness: Principles and Best Practices for Employees - 2025-07-25 | CTI | 4 image(s) | 0 code block(s)
- Phishing Email Awareness: Protecting Employees and Organizations - 2025-07-25 | CTI | 6 image(s) | 0 code block(s)
- Cyberattacks on 4G/LTE Telecom Networks: Threat Mapping and Defense - 2025-07-20 | CTI | 9 image(s) | 0 code block(s)
- Cyberattacks on 5G Telecom Networks: Threat Mapping and Defense - 2025-07-20 | CTI | 2 image(s) | 0 code block(s)
- FluentBit on Kubernetes DaemonSet Deployment. - 2025-07-11 | CTI | 3 image(s) | 15 code block(s)
- Sending EKS Control Plane Logs via AWS Lambda - 2025-07-11 | CTI | 23 image(s) | 18 code block(s)
- Threat Hunting with the Pyramid of Pain - 2025-07-09 | CTI | 1 image(s) | 0 code block(s)
- Fluent Bit on AWS-EKS: Centralized Kubernetes Log Shipping to XPLG - 2025-07-08 | CTI | 7 image(s) | 14 code block(s)
- Tools by MITRE ATT&CK Guide - 2025-06-17 | CTI | 1 image(s) | 11 code block(s)
- Deep Dive: Automating Static Malware Analysis with Three Python Tools - 2025-04-17 | CTI | 2 image(s) | 17 code block(s)
- Static Malware Analysis. File Fingerprinting - 2025-04-01 | CTI | 8 image(s) | 0 code block(s)
- Static Malware Analysis. Obfuscation. - 2025-03-30 | CTI | 15 image(s) | 7 code block(s)
- Static Malware Analysis. Strings analysis. - 2025-03-29 | CTI | 7 image(s) | 9 code block(s)
- SPW AW25 — PO.010 SMS.exe.exe (AgentTesla) - 2025-03-24 | CTI | 45 image(s) | 5 code block(s)
- Authenticator.exe/DearSteeler - 2025-03-14 | CTI | 51 image(s) | 1 code block(s)
- SOC Tier 1: The Complete Onboarding Guide to Security Monitoring and Incident Response - 2025-02-24 | CTI | 1 image(s) | 0 code block(s)
2024
- Title Metasploit modules guide. Exploit - 2024-11-24 | CTI | 11 image(s) | 12 code block(s)
- How to Create a Vulnerable Windows Virtual Machine for Pentesting Training with scripts! - 2024-11-20 | CTI | 6 image(s) | 8 code block(s)
- Metasploit modules guide. Auxiliary - 2024-11-18 | CTI | 24 image(s) | 30 code block(s)
- The Ultimate Guide to Metasploit. Part 1. - 2024-11-17 | CTI | 25 image(s) | 34 code block(s)
- The Basic Toolkit for Penetration Testing - 2024-11-16 | CTI | 22 image(s) | 0 code block(s)
- 2John - 2024-11-15 | AI Security | 1 image(s) | 0 code block(s)
- John The Ripper Hash Formats - 2024-11-15 | Offensive Security | 0 image(s) | 192 code block(s)
- Mastering John the Ripper: A Complete Guide to Password Cracking - 2024-11-15 | CTI | 6 image(s) | 22 code block(s)
- Web Applications Penetration Testing. Stage 2: Scanning and Vulnerability Assessment - 2024-11-13 | CTI | 3 image(s) | 2 code block(s)
- Nikto: Uncovering Web Server Vulnerabilities with an Open-Source Scanner - 2024-11-12 | CTI | 19 image(s) | 33 code block(s)
- OWASP ZAP: A Comprehensive Guide to Web Application Security Testing - 2024-11-12 | CTI | 14 image(s) | 0 code block(s)
- Mastering Burp Suite Vulnerability Scanner - 2024-11-11 | CTI | 14 image(s) | 0 code block(s)
- Censys for Enhanced Cybersecurity Insight - 2024-11-10 | CTI | 7 image(s) | 0 code block(s)
- Mastering DirBuster: A Strategic Approach to Uncovering Hidden Web Assets - 2024-11-10 | CTI | 5 image(s) | 6 code block(s)
- Unlocking Web Intelligence: A Deep Dive into WhatWeb - 2024-11-10 | CTI | 7 image(s) | 14 code block(s)
- Web Applications Penetration Testing. Stage 1: Reconnaissance - 2024-11-10 | CTI | 1 image(s) | 0 code block(s)
- Mastering the Basics: Essential CLI Tools for Reconnaissance in Penetration Testing - 2024-11-09 | CTI | 11 image(s) | 8 code block(s)
- Sublist3r. Your Essential Tool for Subdomain Enumeration - 2024-11-07 | CTI | 3 image(s) | 20 code block(s)
- theHarvester: Your Essential Tool for OSINT and Reconnaissance in Cybersecurity - 2024-11-07 | CTI | 6 image(s) | 10 code block(s)
- OWASP Amass Project guide - 2024-11-06 | CTI | 3 image(s) | 7 code block(s)
- SQLMap: A Deep Dive into Automated SQL Injection Testing. Part 2. (Advanced, custom setup) - 2024-11-05 | CTI | 2 image(s) | 13 code block(s)
- SQLMap: A Deep Dive into Automated SQL Injection Testing. Part 1. (basic, wizard) - 2024-11-04 | CTI | 11 image(s) | 15 code block(s)
- Breaking the Code: How to Use Hashcat for Effective Password Cracking - 2024-11-03 | CTI | 2 image(s) | 17 code block(s)
- Mastering Hydra: The Ultimate Guide to Network Logon Cracking - 2024-11-01 | CTI | 5 image(s) | 30 code block(s)
- Mastering Nmap: A Comprehensive Guide to Network Exploration and Security Auditing. Part 4. Scripts - 2024-10-30 | CTI | 14 image(s) | 19 code block(s)
- Passwords cracking. ZIP, PDF, WEB, RDP, SSH, Cameras… - 2024-10-29 | CTI | 7 image(s) | 0 code block(s)
- Mastering Nmap: A Comprehensive Guide to Network Exploration and Security Auditing. Part 3 - 2024-10-28 | CTI | 3 image(s) | 14 code block(s)
- Office file (DOC, DOCX, PPT…) Password cracking. Guide with real life examples! - 2024-10-28 | CTI | 7 image(s) | 6 code block(s)
- PDF file Password cracking. Guide with real life examples! - 2024-10-28 | CTI | 7 image(s) | 6 code block(s)
- ZIP file Password cracking. Guide with real life examples! - 2024-10-28 | CTI | 7 image(s) | 5 code block(s)
- Mastering Nmap: A Comprehensive Guide to Network Exploration and Security Auditing. Part 2 - 2024-10-27 | CTI | 2 image(s) | 10 code block(s)
- Mastering Nmap: A Comprehensive Guide to Network Exploration and Security Auditing. Part 1 - 2024-10-26 | CTI | 13 image(s) | 14 code block(s)
- Cracking Web Interfaces with Burp Suite: A Comprehensive Tutorial - 2024-10-24 | CTI | 14 image(s) | 0 code block(s)
- Shodan, guide how you can find everything! - 2024-10-24 | CTI | 1 image(s) | 0 code block(s)
- Cracking RTSP Security: A Comprehensive Guide to Using the RTSP Brute Force Tool - 2024-10-23 | CTI | 3 image(s) | 5 code block(s)
- Cracking SSH with Metasploit: A Step-by-Step Guide to Exploiting Weak Credentials - 2024-10-23 | CTI | 5 image(s) | 4 code block(s)
- Cracking Telnet: Exploring Weaknesses and Exploitation Techniques - 2024-10-22 | CTI | 3 image(s) | 2 code block(s)
- Exploiting FTP Vulnerabilities for Effective Penetration Testing - 2024-10-21 | CTI | 7 image(s) | 5 code block(s)
- Accessing Remote Desktops: A Beginner’s Guide to RDP Cracking with Crowbar and PPG tools - 2024-10-20 | CTI | 3 image(s) | 4 code block(s)
- Personal Pass Generator (PPG): The Ultimate Tool for Custom Password Lists - 2024-10-20 | CTI | 2 image(s) | 0 code block(s)
- WiFi cracking with Aircrack-ng - 2024-10-17 | CTI | 11 image(s) | 16 code block(s)