#security#devops#python#opensource
Running a Full Multi-Stage Intrusion Simulation. Every Detection Fired.
I've been building SHENRON for a while — a polymorphic adversarial simulation framework that...
GnomeMan42016 min readg
Articles by @gnomeman4201
Browse the latest writing surfaced through DevArt.
GnomeMan42016 min read
#security#github#python#opensource
Found a Second Layer to a GitHub Follow Botnet
This is Part 2 of an ongoing investigation. Part 1 documented the initial discovery — 8 accounts with...
GnomeMan420117 min read
#security#github#python#opensource
Found a Coordinated GitHub Follow Botnet Hiding in My Followers?
Eight accounts, six years of creation dates, following counts within a range of 25. Here's how following-list overlap analysis exposed a coordinated inauthentic network that cross-follow detection completely missed.
GnomeMan42017 min read
#security#blueteam#python#opensource
SHENRON v0.3.3: From Telemetry Generator to Blue-Team Reasoning Instrument
What changed between "here is synthetic telemetry" and "here is what your validation claims to...
GnomeMan42015 min read
#security#blueteam#python#opensource
Observable Adversarial Behavior, Not Portable Adversarial Procedure
How I built SHENRON as a defensive telemetry simulation lab for blue-team validation without shipping...
GnomeMan42016 min read
#ai#career#discuss#productivity
What AI failure made you better at your actual work?
A post by GnomeMan4201
GnomeMan4201Curated read
#promptengineering#ai#security#llm
Prompting Is Not Magic. It Is Control.
Most prompt books optimize for better answers. I wanted prompts that fail visibly. Most prompt...
GnomeMan42018 min read
#security#llm#ai#cybersecurity
48 Hours After Publishing: Second-Order Injection Field Notes
This is a dispatch, not a paper. Notes from the 48 hours after publishing the second-order injection...
GnomeMan42012 min read
GnomeMan4201Curated read
#security#llm#ai#cybersecurity
48 Hours After Publishing: Second-Order Injection Field Notes
This is a dispatch, not a paper. Notes from the 48 hours after publishing the second-order injection...
GnomeMan42012 min read
#security#llm#ai#cybersecurity
Second-Order Injection: Attacking the Evaluator in LLM Safety Monitors
Second-Order Injection: Attacking the Evaluator in LLM Safety Monitors gnomeman4201 /...
GnomeMan420114 min read
#llmsecurity#security#python#opensource
I Built a Policy Drift Detector for LLM Agents. Here's What Four Versions Taught Me.
This is part of an ongoing series on drift_orchestrator — an open-source safety library for detecting...
GnomeMan42016 min read
#security#llm#machinelearning#python
The Dual-Signal Governor: A Control-Plane Pattern for Drift-Aware Systems
Your drift detector fires. The session looks clean. You roll back anyway. That's the false positive...
GnomeMan42014 min read
#ai#security#drift#research
Semantic Gradient Evasion: How Embedding-Based Drift Detectors Can Be Bypassed Step by Step
TL;DR: AI drift detectors that use embedding distance as their primary signal can be bypassed by...
GnomeMan420110 min read
#ai#llm#cybersecurity#redteam
LLM Agents Need a Nervous System, Not Just a Brain
Most LLM agent frameworks assume model output is either correct or incorrect. A binary. Pass or...
GnomeMan42013 min read
#ai#llm#machinelearning#writing
Drift Artifact: A Method for Writing That Performs Its Own Argument
The problem I kept running into Every time I tried to explain how AI personalization...
GnomeMan42013 min read
#security#discuss#community#webdev
CoderLegion Is Not a Developer Community. It’s a Growth Engine.
I don’t have any affiliation with CoderLegion or competing platforms. This is an independent...
GnomeMan42013 min read
#security#ai#llm#webdev
Operating in Prompt Space: Red Teaming the Control Plane of an LLM
Before this post existed, it was a prompt. Before that, a response to a prompt. Before that, a...
GnomeMan420110 min read
#security#devops#humor#comics
LANimals: 7 Comics About the People Who Are Always the Vulnerability
Most security incidents aren’t caused by sophisticated attackers. They happen because normal work...
GnomeMan42011 min read
#linux#opensource#tutorial
Why I Keep Returning to Pop!_OS
I've cycled through Arch, Kali, Fedora, Ubuntu, macOS, Windows 10/11, and niche distros like Void and...
GnomeMan42015 min read
#cybersecurity#youtube#algorithms#devto
Threat Modeling the YouTube Algorithm: A Security Researcher's Guide to Content Strategy
📌 Missed Part 1? Start here: YouTube Monetization, Speed, and Risks (Part 1) This section continues...
GnomeMan420113 min read
#meta#community#security#discuss
Has Anyone Else Seen a Suspicious Follower Spike Recently?
Quick question for the community: Over the past few days, has anyone noticed unusual follower...
GnomeMan42012 min read
#frontend#opensource#webdev#cybersecurity
Frontend Devs: Weaponize Beauty. Build UIs That Command Respect
TL;DR: I build offensive security frameworks. You build interfaces. Let's make tools that researchers...
GnomeMan42019 min read
#cybersecurity#redteam#infosec#offensivesecurity
zer0DAYSlater: A Modular Adversarial Simulation and Red-Team Research Framework
zer0DAYSlater is a modular, offline-capable red-team research framework built to simulate advanced...
GnomeMan42015 min read
#devto#opensource#python
Built a Free Analytics Tool for DEV.to (Because the Dashboard Wasn't Enough)
The Problem Every DEV Writer Faces You publish an article. It gets some views. Maybe a...
GnomeMan42015 min read
#devchallenge#auth0challenge#ai
Reflexive Identity — The Self-Defending AI Agent with Auth0
What if an AI agent could authenticate itself before taking any action—verifying its own integrity...
GnomeMan42016 min read
#cybersecurity#softwaredevelopment
The Unspoken Conversation: When Your Code Attracts the Wrong Kind of Attention
There's a particular flavor of email that arrives dressed as opportunity but carries the subtle...
GnomeMan42013 min read
#contentcreation#webmonetization#algorithms
YouTube Monetization, Speed, and Risks (Part 1)
Introduction The modern digital landscape is rife with anecdotes of creators discovering a...
GnomeMan42016 min read
#security#cybersecurity#devops
The Ghost in the Machine: A Defender's Guide to Offline Security Testing with Blackglass_Suite
TL;DR Blackglass_Suite is a safe, offline-first research toolkit for generating synthetic adversary...
GnomeMan420110 min read