
CYBERASH

01

ABOUT.SYS

[ BIO_DATA ]

My name is Ash DeHart, and I'm a hobbyist security researcher who lives at the intersection of offensive techniques, defensive strategy, and nation-state/techno-plutocracy research. I dig into malware, focus on threat prevention, study our evolving landscape, and write about what I find.

Currently exploring: Unauthorized AI Identities, Nation-State Threats, and Cloud Misconfigs.

This site is my public notebook — research discoveries, tool reviews, instructional manuals, and a portal to the resources I use.

This site acts as a hub for research, education, and as a personal portfolio. None of the information on this site is representative of or associated with my employer, in any way, shape, or form.

5+
CTFs
8
WRITE-UPS
CVEs
RABBIT HOLES
02

INTEL_FEED

NETWORK 2025-11-20

Your Linux Server Is Not Automatically Secure, Nor is it More Secure Than Windows Out-Of-The-Box

Did you know that most Linux distributions, such as Ubuntu, Debian, and Fedora, ship with the local firewall either disabled by default or auto-configured to allow all incoming traffic? This post explores how to secure a Linux machine at the network layer.

MALWARE 2026-03-01

PDFSupernova: Tel Aviv-Signed Credential Harvester Hiding in Plain Sight

A browser hijacker signed by "Trivolead LTD" (Tel Aviv) that overwrites Chrome's Web Data SQLite file at the OS level — bypassing AV entirely at time of analysis.

OSINT 2026-02-18

Blocking AI Transcription Bots at the Network and Policy Layer

AI transcription services don't need to be invited. Even after hardening, they can ride in via ICS calendar files - auto-joining calls before anyone notices. In today's environment, they'll often train their AI on your data without express consent.

OPINION 2026-01-12

On-Premise Infrastructure is Underrated

Cloud infrastructure is increasingly recognized as the more hands-off, and sometimes ideal, approach. What if you are compromising your security by introducing an environment that you have no real-world, physical control over? This post explores the inherent issues with cloud infrastructure that large providers, like AWS, do not have an answer for.

OSINT 2025-12-05

Hunting Attacker Location and Organization with Open Sources

An IP in a log is a starting point, not an answer. This post covers the full passive-recon attribution chain: IPWHOIS and ASN lookups, passive DNS history, and certificate transparency logs. Includes a walkthrough of attributing a phishing campaign's infrastructure using only free tooling.

SYSADMIN 2025-11-20

Hardening by Design: AD Architecture, Least Privilege, and Why Your DC Migration Is a Security Project

A domain controller migration should also be an audit of every privilege assumption baked into your environment over years of "just make it work." Covers FRS-to-DFSR as a security prerequisite, topology discipline, auditing service credentials before FSMO transfer, role hygiene, and why maintenance windows are a security control.

03

RESOURCE_DB

[ OSINT ]
[ MALWARE_ANALYSIS ]
[ EXPLOIT_DEV ]
[ CTF_PLATFORMS ]
[ THREAT_INTEL ]
[ REFERENCE ]
04

CONTACT_ME.EXE

[ SKILL_MATRIX ]
Malware Analysis
Reverse Engineering
Threat Intelligence
Exploit Development
OSINT / Recon
Network Forensics
[ CERTIFICATIONS ]
CompTIA Security+
A.S. Computer Science and Information Systems
B.S. Technology Management, emphasis on Cybersecurity — In Progress
CompTIA Network+ — In Progress
[ CONTACT ]

Interested in collaborating, or just talking shop? Love my current job, and I'm open to:

  • Contract/Part Time work
  • Malware Analysis
  • Cybersecurity Journalism
  • Threat Intelligence work
  • Research collaborations