<?xml version="1.0" encoding="UTF-8"?><rss xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom" version="2.0" xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd" xmlns:googleplay="http://www.google.com/schemas/play-podcasts/1.0"><channel><title><![CDATA[Cyber Notes]]></title><description><![CDATA[Cloud Security Projects, Essays & Guides. 

☁️ Free Cloud Security Starter Pack in welcome Email ⬇️]]></description><link>https://www.cybernotes.tech</link><image><url>https://substackcdn.com/image/fetch/$s_!wiuw!,w_256,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F96e971cf-35a8-446e-90a7-27e9f627abbb_256x256.png</url><title>Cyber Notes</title><link>https://www.cybernotes.tech</link></image><generator>Substack</generator><lastBuildDate>Wed, 01 Jul 2026 18:04:56 GMT</lastBuildDate><atom:link href="https://www.cybernotes.tech/feed" rel="self" type="application/rss+xml"/><copyright><![CDATA[W J Pearce]]></copyright><language><![CDATA[en]]></language><webMaster><![CDATA[gradedinfo@gmail.com]]></webMaster><itunes:owner><itunes:email><![CDATA[gradedinfo@gmail.com]]></itunes:email><itunes:name><![CDATA[W J Pearce]]></itunes:name></itunes:owner><itunes:author><![CDATA[W J Pearce]]></itunes:author><googleplay:owner><![CDATA[gradedinfo@gmail.com]]></googleplay:owner><googleplay:email><![CDATA[gradedinfo@gmail.com]]></googleplay:email><googleplay:author><![CDATA[W J Pearce]]></googleplay:author><itunes:block><![CDATA[Yes]]></itunes:block><item><title><![CDATA[Are Cloud Security Certs Still even worth it? 📜]]></title><description><![CDATA[Are you wasting your time in 2026?]]></description><link>https://www.cybernotes.tech/p/are-cloud-security-certs-still-even</link><guid isPermaLink="false">https://www.cybernotes.tech/p/are-cloud-security-certs-still-even</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 28 Jun 2026 18:30:16 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!rKhC!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:&quot;&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue:</strong><a href="https://www.cybernotes.tech/p/micro-security-project-3fb"> Micro Sec Project (Fixed)</a></p><p><strong>Next Issue: </strong><a href="http://cybernotes.tech">AWS Firewall Project: 100% Do this one &#128293;&#129521;</a></p><div><hr></div><p><strong>Super Quick one this week and a question I get a ton&#8230;</strong></p><p><em>&#8220;Are Cloud Security Certs Still even worth it? &#128220;&#8221;</em></p><p><strong>People in my position don&#8217;t actually have a definitive answer to this.</strong></p><p>I&#8217;ve been in this space for 7+ years. I really don&#8217;t know how hard it is to break in right now. The market shifts every six months, the requirements drift and what worked when I was getting started might be useless advice today.</p><p>So I&#8217;m not going to pretend I do.</p><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.cybernotes.tech/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption">Cyber Notes is a reader supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><p><strong>However, here&#8217;s what I </strong><em><strong>do</strong></em><strong> know about certs.</strong></p><p><strong>They give you accountability.</strong> Dropping &#163;300+ on an exam voucher with a date attached forces you to start the study. It stops &#8220;I&#8217;ll get to it next weekend.&#8221; You either show up prepared or loose your money.</p><p><strong>They give you a structured learning path.</strong> This is underrated. The hardest part of self teaching Cloud or Security isn&#8217;t the material, it&#8217;s figuring out <em>what</em> to learn and in <em>what order</em>. A good cert has done that work for you. You&#8217;re paying for the curriculum as much as the credential.</p><p><strong>Vendor certs often reflect the tools real engineers actually use.</strong> AWS, Azure, vendor specific security certs, the labs and concepts map directly onto what people are touching in production. That&#8217;s not always true of the more academic certs, but for Cloud and Security? Almost 100%</p><p><strong>They&#8217;re an HR tick box.</strong> I don&#8217;t love it either, but it&#8217;s reality. Recruiters filter resumes on keywords and &#8220;AWS Solutions Architect&#8221; works well.</p><p>So yes, I&#8217;d still do certs.</p><p><strong>Don&#8217;t just pass the exam.</strong></p><p>Take it one step further and actually build the things the cert is teaching you. </p><p>AWS is the perfect example. If you&#8217;re studying for the Solutions Architect Associate, don&#8217;t just memorise when to use S3 vs EBS vs EFS. Spin up the resources. Push files into a bucket. Mount EFS to an EC2 instance. Break IAM permissions and figure out why your Lambda can&#8217;t read from DynamoDB.</p><p><strong>My honest answer:</strong> Yes, certs are still worth it, <em>if</em> you treat them as the floor and not the ceiling.</p><p>W J Pearce - Cyber Notes</p><div><hr></div><p><strong>Calm, practical &amp; self paced training to help you break into Cloud Security &amp; DevSecOps</strong></p><p>&#128073; Pre-order here: <strong><a href="https://techtwoforty.com/">techtwoforty.com</a></strong></p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!rKhC!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!rKhC!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 424w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 848w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1272w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!rKhC!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png" width="1456" height="772" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/df391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:772,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:555834,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/180790089?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff0f4ee27-789b-45a5-bdff-eddb2af3398c_2614x1148.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!rKhC!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 424w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 848w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1272w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div>]]></content:encoded></item><item><title><![CDATA[Micro Security Project 🐷]]></title><description><![CDATA[Do this on your Lunch Break...]]></description><link>https://www.cybernotes.tech/p/micro-security-project-3fb</link><guid isPermaLink="false">https://www.cybernotes.tech/p/micro-security-project-3fb</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 21 Jun 2026 18:31:22 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!QP52!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc235a72d-ca58-40d7-a04f-3604d4d5feb5_3800x2400.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:&quot;&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue: </strong><a href="https://wjpearce.substack.com/p/setup-guide-odysseus-from-pewdiepie">Setup Guide: Odysseus from pewdiepie!?</a></p><p><strong>Next Issue: </strong><a href="http://cybernotes.tech/">Are Cloud &amp; Security Certs still worth it?</a></p><h1>One from the Archives </h1><p>I wanted to revisit an old project this week, it was one of the first Cloud Security tools I used and got my head around how it works.</p><div><hr></div><h3><strong>Secrets&#8230; Secrets&#8230; Secrets&#8230; Every company has them, every hacker wants to know them.</strong></h3><p><strong>TruffleHog</strong><span> is a lightweight tool used to scan for secrets, such as API keys, passwords, or other sensitive information, in code repositories.</span></p><p>While TruffleHog is traditionally used in CI/CD pipelines as part of DevSecOps practices, this project is aimed at those who are just getting started with security scanning. The focus will be on how to use TruffleHog on a single static repo.</p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!QP52!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc235a72d-ca58-40d7-a04f-3604d4d5feb5_3800x2400.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!QP52!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc235a72d-ca58-40d7-a04f-3604d4d5feb5_3800x2400.png 424w, https://substackcdn.com/image/fetch/$s_!QP52!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc235a72d-ca58-40d7-a04f-3604d4d5feb5_3800x2400.png 848w, https://substackcdn.com/image/fetch/$s_!QP52!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc235a72d-ca58-40d7-a04f-3604d4d5feb5_3800x2400.png 1272w, https://substackcdn.com/image/fetch/$s_!QP52!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc235a72d-ca58-40d7-a04f-3604d4d5feb5_3800x2400.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!QP52!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc235a72d-ca58-40d7-a04f-3604d4d5feb5_3800x2400.png" width="330" height="208.5164835164835" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/c235a72d-ca58-40d7-a04f-3604d4d5feb5_3800x2400.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:920,&quot;width&quot;:1456,&quot;resizeWidth&quot;:330,&quot;bytes&quot;:42481,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!QP52!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc235a72d-ca58-40d7-a04f-3604d4d5feb5_3800x2400.png 424w, https://substackcdn.com/image/fetch/$s_!QP52!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc235a72d-ca58-40d7-a04f-3604d4d5feb5_3800x2400.png 848w, https://substackcdn.com/image/fetch/$s_!QP52!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc235a72d-ca58-40d7-a04f-3604d4d5feb5_3800x2400.png 1272w, https://substackcdn.com/image/fetch/$s_!QP52!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fc235a72d-ca58-40d7-a04f-3604d4d5feb5_3800x2400.png 1456w" sizes="100vw" loading="lazy" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>I will cover:</strong></p><ul><li><p><span>How to set it up </span><strong>(Micro Project)</strong></p></li><li><p><span>CV Challenge Pointers </span><strong>(You should do this)</strong></p></li></ul><h3><strong><span>So how can you easily set this up?</span><br><br></strong></h3><h5><em><strong>You&#8217;ll need a few things like Docker and Basic Bash commands knowledge but I&#8217;ll walk you through it all&#8230;</strong></em></h5><h3><strong>Step One:<span> Install Docker</span></strong></h3><p>Install docker. This can be done with a few simple commands:</p><pre><code><code>## Update your system ## 
sudo apt-get update </code></code></pre><p>I recently found a new quick way of installing docker.</p><pre><code><code>## Download script and run ## 
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh</code></code></pre><p>The above is an official script that will do all the work for you. If you are paranoid about running a random script, feel free to look inside it.</p><p>Finally check you have docker &amp; docker compose installed correctly</p><pre><code><code>## Version Checker ## 
docker --version
docker compose version</code></code></pre><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!zA3W!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe40c1aba-935f-45ed-99ad-8d7f3d9b14fc_653x150.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!zA3W!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe40c1aba-935f-45ed-99ad-8d7f3d9b14fc_653x150.png 424w, https://substackcdn.com/image/fetch/$s_!zA3W!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe40c1aba-935f-45ed-99ad-8d7f3d9b14fc_653x150.png 848w, https://substackcdn.com/image/fetch/$s_!zA3W!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe40c1aba-935f-45ed-99ad-8d7f3d9b14fc_653x150.png 1272w, https://substackcdn.com/image/fetch/$s_!zA3W!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe40c1aba-935f-45ed-99ad-8d7f3d9b14fc_653x150.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!zA3W!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe40c1aba-935f-45ed-99ad-8d7f3d9b14fc_653x150.png" width="653" height="150" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/e40c1aba-935f-45ed-99ad-8d7f3d9b14fc_653x150.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:150,&quot;width&quot;:653,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:null,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!zA3W!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe40c1aba-935f-45ed-99ad-8d7f3d9b14fc_653x150.png 424w, https://substackcdn.com/image/fetch/$s_!zA3W!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe40c1aba-935f-45ed-99ad-8d7f3d9b14fc_653x150.png 848w, https://substackcdn.com/image/fetch/$s_!zA3W!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe40c1aba-935f-45ed-99ad-8d7f3d9b14fc_653x150.png 1272w, https://substackcdn.com/image/fetch/$s_!zA3W!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe40c1aba-935f-45ed-99ad-8d7f3d9b14fc_653x150.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><h3><strong>Step Two: <span>Get Trufflehog</span></strong></h3><p>Remember, we are using Docker for this project so run the following</p><pre><code><code>docker run --rm -it -v "$PWD:/pwd" trufflesecurity/trufflehog:latest github --repo https://github.com/trufflesecurity/test_keys</code></code></pre><h4><strong>Command Breakdown:</strong></h4><div class="highlighted_code_block" data-attrs="{&quot;language&quot;:&quot;plaintext&quot;,&quot;nodeId&quot;:&quot;d9c77672-1a0b-4bca-95d5-78717ad4b438&quot;}" data-component-name="HighlightedCodeBlockToDOM"><pre class="shiki"><code class="language-plaintext">docker run: This runs a Docker container.

--rm: Automatically removes the container once it stops, cleaning up after execution.

-it: Runs the container in interactive mode with a terminal (-i for interactive and -t for terminal).

-v "$PWD:/pwd": Mounts the current working directory ($PWD) on your host machine to the /pwd directory inside the Docker container. This allows the container to access files in your local directory.

trufflesecurity/trufflehog:latest: Specifies the Docker image to run, in this case, the latest version of the trufflesecurity/trufflehog image.

github --repo https://github.com/trufflesecurity/test_keys: Runs the TruffleHog tool inside the container to scan the specified GitHub repository (https://github.com/trufflesecurity/test_keys) for sensitive information like secrets.</code></pre></div><div><hr></div><p><span>You should see something like this pop up on the command line, followed by some test results from the example repo.</span><br><br><code>&#128055;&#128273;&#128055; TruffleHog. Unearth your secrets. &#128055;&#128273;&#128055;</code></p><h3><strong>Step Three: <span>Target our own Git Repo</span></strong></h3><p><span>We now want to run TruffleHog against our own repo, so lets run that command again but this time swap out the example repo with yours. If you don&#8217;t have one, follow my guide here: </span><a href="https://wjpearce.substack.com/p/sneak-preview">Set up your own Repo!</a></p><p>As you can see I&#8217;ve swapped out the example one with my own (Feel free to Fork this):</p><pre><code><code>docker run --rm -it -v "$PWD:/pwd" trufflesecurity/trufflehog:latest github --repo https://github.com/wjpearce-git/Basic-AWS-Networking</code></code></pre><p><span>Trufflehog will run against this repo and apart from some metadata about the scan, no secrets will be found.</span><br></p><h3><strong>Step Four:<span> Let&#8217;s find some secrets</span></strong></h3><p><strong>What if I put a fake user pass and IP in my repo though?!</strong></p><p>Let&#8217;s try that, I&#8217;ll create a new branch with:</p><pre><code><code>git checkout -b thogtest</code></code></pre><p><span>If you&#8217;ve looked at my repo, you&#8217;ll see I&#8217;m working with Terraform so let&#8217;s add the following &#8220;Bad&#8221; code into the </span><em><strong>variables.tf</strong></em><span> file:</span></p><pre><code><code>##### Trufflehog Test #####
variable "creds" {
  description = "Testing Server"
  default = "http://user:password@192.168.0.1:8080"
}</code></code></pre><p>Let&#8217;s push and merge that:</p><pre><code><code>git add .
git commit -am "wip: testing secret detection"
git push --set-upstream origin thogtest</code></code></pre><p>Now run the Docker and Trufflehog again</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!DOjj!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3426b63a-55a9-48df-b557-2e60edbe3f0c_1348x359.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!DOjj!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3426b63a-55a9-48df-b557-2e60edbe3f0c_1348x359.png 424w, https://substackcdn.com/image/fetch/$s_!DOjj!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3426b63a-55a9-48df-b557-2e60edbe3f0c_1348x359.png 848w, https://substackcdn.com/image/fetch/$s_!DOjj!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3426b63a-55a9-48df-b557-2e60edbe3f0c_1348x359.png 1272w, https://substackcdn.com/image/fetch/$s_!DOjj!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3426b63a-55a9-48df-b557-2e60edbe3f0c_1348x359.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!DOjj!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3426b63a-55a9-48df-b557-2e60edbe3f0c_1348x359.png" width="1348" height="359" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/3426b63a-55a9-48df-b557-2e60edbe3f0c_1348x359.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:359,&quot;width&quot;:1348,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:47132,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!DOjj!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3426b63a-55a9-48df-b557-2e60edbe3f0c_1348x359.png 424w, https://substackcdn.com/image/fetch/$s_!DOjj!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3426b63a-55a9-48df-b557-2e60edbe3f0c_1348x359.png 848w, https://substackcdn.com/image/fetch/$s_!DOjj!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3426b63a-55a9-48df-b557-2e60edbe3f0c_1348x359.png 1272w, https://substackcdn.com/image/fetch/$s_!DOjj!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3426b63a-55a9-48df-b557-2e60edbe3f0c_1348x359.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><pre><code><code>As you would expect, Trufflehog has picked up on this and provided the issue with the line and file.</code></code></pre><p>&#127881; Congrats you&#8217;ve found your first secret! &#127881;</p><p><span>Trufflehog&#8217;s capabilities go well beyond what we&#8217;ve done here.</span><br></p><div><hr></div><h3><strong>CV Challenge</strong></h3><p><span>If you&#8217;re up for a challenge I recommend trying </span><strong>AND DOCUMENTING</strong><span> the following:</span></p><ul><li><p>Scan an S3 bucket for verified keys - Remember you&#8217;ll need to set up an AWS Account.</p></li><li><p>Scan individual files or directories</p></li><li><p>Finally, set up Trufflehog to run when a PR is created using GitHub actions so that only the Source Code in the PR is scanned</p></li></ul><p>Here&#8217;s a hint to get you started:</p><pre><code><code>name: TruffleHog PR Scan
on: pull_request
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Run TruffleHog
        run: docker run --rm -v ${{ github.workspace }}:/pwd trufflesecurity/trufflehog:latest filesystem /pwd
</code></code></pre><p><em><strong>WJPearce - Cyber Notes</strong></em></p><p><strong>Enjoyed this? </strong><span>Why not check out my other reads&#8230;</span></p><h4><strong><a href="https://wjpearce.substack.com/p/the-ultimate-docker-project">The Ultimate Docker Project&#128011;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/part-two-the-ultimate-docker-project">Part Two: The Ultimate Docker Project &#128011;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-aws-starter-pack">The AWS Starter Pack</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/easy-cloud-devops-project">Easy Cloud DevOps Project&#128295;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/new-aws-account-step-by-step-guide">New AWS Account Step-by-Step Guide&#10004;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/beginner-ai-cloud-cv-project">Beginner AI Cloud CV Project&#128221;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/sql-injection-made-simple">SQL Injection: Made Simple &#128137;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-ultimate-cloud-project">The Ultimate Cloud Project &#9729;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/easy-cloud-automation-project">Easy Cloud Automation Project &#9881;&#65039;</a></strong></h4>]]></content:encoded></item><item><title><![CDATA[Setup Guide: Odysseus from pewdiepie!?]]></title><description><![CDATA[A hands on walkthrough of Odysseus, PewDiePie's open-source local LLM setup with chat, agents and MCP tools.]]></description><link>https://www.cybernotes.tech/p/setup-guide-odysseus-from-pewdiepie</link><guid isPermaLink="false">https://www.cybernotes.tech/p/setup-guide-odysseus-from-pewdiepie</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 07 Jun 2026 18:30:33 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!iYk-!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff388eebd-29c9-475b-9850-f17331c5957d_1740x888.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:&quot;&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue: </strong><a href="https://www.cybernotes.tech/p/claude-code-for-cloud-security-what">Claude Code for Cloud Security: What you should know &#127785;&#65039;</a></p><p><strong>Next Issue: </strong><a href="http://cybernotes.tech">Are Cloud &amp; Security Certs still worth it? </a></p><div><hr></div><p>We&#8217;re going to stand up <strong>Odysseus</strong>: An open source, self hosted AI app, get it talking to a model, and then walk every feature one by one. <br><br>I want to run it with a local model rather than a cloud API. With everything we&#8217;re putting into these tools now, I think local is the future, and security is the why.</p><p>Want to follow the source as we go? Start here: <a href="https://github.com/pewdiepie-archdaemon/odysseus">github.com/pewdiepie-archdaemon/odysseus</a>.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!iYk-!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff388eebd-29c9-475b-9850-f17331c5957d_1740x888.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!iYk-!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff388eebd-29c9-475b-9850-f17331c5957d_1740x888.png 424w, https://substackcdn.com/image/fetch/$s_!iYk-!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff388eebd-29c9-475b-9850-f17331c5957d_1740x888.png 848w, https://substackcdn.com/image/fetch/$s_!iYk-!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff388eebd-29c9-475b-9850-f17331c5957d_1740x888.png 1272w, https://substackcdn.com/image/fetch/$s_!iYk-!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff388eebd-29c9-475b-9850-f17331c5957d_1740x888.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!iYk-!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff388eebd-29c9-475b-9850-f17331c5957d_1740x888.png" width="1456" height="743" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/f388eebd-29c9-475b-9850-f17331c5957d_1740x888.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:743,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;Odysseus landing page&quot;,&quot;title&quot;:&quot;Odysseus landing page&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="Odysseus landing page" title="Odysseus landing page" srcset="https://substackcdn.com/image/fetch/$s_!iYk-!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff388eebd-29c9-475b-9850-f17331c5957d_1740x888.png 424w, https://substackcdn.com/image/fetch/$s_!iYk-!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff388eebd-29c9-475b-9850-f17331c5957d_1740x888.png 848w, https://substackcdn.com/image/fetch/$s_!iYk-!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff388eebd-29c9-475b-9850-f17331c5957d_1740x888.png 1272w, https://substackcdn.com/image/fetch/$s_!iYk-!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff388eebd-29c9-475b-9850-f17331c5957d_1740x888.png 1456w" sizes="100vw"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p style="text-align: center;"><em>open source, free, bring your own models with no telemetry.</em></p><h1><strong>1. Getting it running</strong></h1><p>The whole thing ships as a set of Docker containers, so setup is just a few commands. Open a terminal in whatever folder you keep projects in.</p><p>Clone the repo and move into it:</p><blockquote><p><code>git clone https://github.com/pewdiepie-archdaemon/odysseus.git &amp;&amp; cd odysseus</code></p></blockquote><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!fHuR!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F91b3a4c1-deae-4321-924e-69f3e8493917_1414x502.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!fHuR!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F91b3a4c1-deae-4321-924e-69f3e8493917_1414x502.png 424w, https://substackcdn.com/image/fetch/$s_!fHuR!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F91b3a4c1-deae-4321-924e-69f3e8493917_1414x502.png 848w, https://substackcdn.com/image/fetch/$s_!fHuR!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F91b3a4c1-deae-4321-924e-69f3e8493917_1414x502.png 1272w, https://substackcdn.com/image/fetch/$s_!fHuR!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F91b3a4c1-deae-4321-924e-69f3e8493917_1414x502.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!fHuR!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F91b3a4c1-deae-4321-924e-69f3e8493917_1414x502.png" width="1414" height="502" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/91b3a4c1-deae-4321-924e-69f3e8493917_1414x502.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:502,&quot;width&quot;:1414,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;Cloning the repo&quot;,&quot;title&quot;:&quot;Cloning the repo&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="Cloning the repo" title="Cloning the repo" srcset="https://substackcdn.com/image/fetch/$s_!fHuR!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F91b3a4c1-deae-4321-924e-69f3e8493917_1414x502.png 424w, https://substackcdn.com/image/fetch/$s_!fHuR!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F91b3a4c1-deae-4321-924e-69f3e8493917_1414x502.png 848w, https://substackcdn.com/image/fetch/$s_!fHuR!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F91b3a4c1-deae-4321-924e-69f3e8493917_1414x502.png 1272w, https://substackcdn.com/image/fetch/$s_!fHuR!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F91b3a4c1-deae-4321-924e-69f3e8493917_1414x502.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p style="text-align: center;"><em>Clone done, you&#8217;re now sitting inside the odysseus folder on the main branch.</em></p><p>Make sure your <strong>Docker engine is running</strong> (open Docker Desktop), then build and start everything in the background:</p><blockquote><p><code>docker compose up -d --build</code></p></blockquote><p>First run pulls a few images, the chat app itself plus its helpers: searxng (search), chromadb (the memory/vector store), and ntfy (notifications). Give it a minute.</p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!TLo_!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe5399042-f6b4-4dd3-a0dc-126b21669584_1310x294.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!TLo_!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe5399042-f6b4-4dd3-a0dc-126b21669584_1310x294.png 424w, https://substackcdn.com/image/fetch/$s_!TLo_!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe5399042-f6b4-4dd3-a0dc-126b21669584_1310x294.png 848w, https://substackcdn.com/image/fetch/$s_!TLo_!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe5399042-f6b4-4dd3-a0dc-126b21669584_1310x294.png 1272w, https://substackcdn.com/image/fetch/$s_!TLo_!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe5399042-f6b4-4dd3-a0dc-126b21669584_1310x294.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!TLo_!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe5399042-f6b4-4dd3-a0dc-126b21669584_1310x294.png" width="1310" height="294" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/e5399042-f6b4-4dd3-a0dc-126b21669584_1310x294.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:294,&quot;width&quot;:1310,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;Docker compose pulling images&quot;,&quot;title&quot;:&quot;Docker compose pulling images&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="Docker compose pulling images" title="Docker compose pulling images" srcset="https://substackcdn.com/image/fetch/$s_!TLo_!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe5399042-f6b4-4dd3-a0dc-126b21669584_1310x294.png 424w, https://substackcdn.com/image/fetch/$s_!TLo_!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe5399042-f6b4-4dd3-a0dc-126b21669584_1310x294.png 848w, https://substackcdn.com/image/fetch/$s_!TLo_!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe5399042-f6b4-4dd3-a0dc-126b21669584_1310x294.png 1272w, https://substackcdn.com/image/fetch/$s_!TLo_!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe5399042-f6b4-4dd3-a0dc-126b21669584_1310x294.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p style="text-align: center;"><em>Compose pulling the supporting containers on first build.</em></p><p>On first boot it creates an admin user and prints a temporary password into the logs. Grab it with:</p><blockquote><p><code>docker compose logs odysseus</code></p></blockquote><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!YPZ6!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fee060aff-f590-4305-a10c-d7e8475b0043_1320x146.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!YPZ6!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fee060aff-f590-4305-a10c-d7e8475b0043_1320x146.png 424w, https://substackcdn.com/image/fetch/$s_!YPZ6!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fee060aff-f590-4305-a10c-d7e8475b0043_1320x146.png 848w, https://substackcdn.com/image/fetch/$s_!YPZ6!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fee060aff-f590-4305-a10c-d7e8475b0043_1320x146.png 1272w, https://substackcdn.com/image/fetch/$s_!YPZ6!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fee060aff-f590-4305-a10c-d7e8475b0043_1320x146.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!YPZ6!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fee060aff-f590-4305-a10c-d7e8475b0043_1320x146.png" width="1320" height="146" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/ee060aff-f590-4305-a10c-d7e8475b0043_1320x146.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:146,&quot;width&quot;:1320,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;Temporary admin password in the logs&quot;,&quot;title&quot;:&quot;Temporary admin password in the logs&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="Temporary admin password in the logs" title="Temporary admin password in the logs" srcset="https://substackcdn.com/image/fetch/$s_!YPZ6!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fee060aff-f590-4305-a10c-d7e8475b0043_1320x146.png 424w, https://substackcdn.com/image/fetch/$s_!YPZ6!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fee060aff-f590-4305-a10c-d7e8475b0043_1320x146.png 848w, https://substackcdn.com/image/fetch/$s_!YPZ6!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fee060aff-f590-4305-a10c-d7e8475b0043_1320x146.png 1272w, https://substackcdn.com/image/fetch/$s_!YPZ6!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fee060aff-f590-4305-a10c-d7e8475b0043_1320x146.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p style="text-align: center;"><em>Look for the &#8220;Initial admin user created&#8221; line &#8212; the temporary password is right under it.</em></p><p>Now open the app in your browser and sign in as admin with that password.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!_qoc!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda93bb8f-ac5c-494f-a20f-c8e777595fda_790x770.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!_qoc!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda93bb8f-ac5c-494f-a20f-c8e777595fda_790x770.png 424w, https://substackcdn.com/image/fetch/$s_!_qoc!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda93bb8f-ac5c-494f-a20f-c8e777595fda_790x770.png 848w, https://substackcdn.com/image/fetch/$s_!_qoc!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda93bb8f-ac5c-494f-a20f-c8e777595fda_790x770.png 1272w, https://substackcdn.com/image/fetch/$s_!_qoc!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda93bb8f-ac5c-494f-a20f-c8e777595fda_790x770.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!_qoc!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda93bb8f-ac5c-494f-a20f-c8e777595fda_790x770.png" width="790" height="770" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/da93bb8f-ac5c-494f-a20f-c8e777595fda_790x770.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:770,&quot;width&quot;:790,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;Odysseus login screen&quot;,&quot;title&quot;:&quot;Odysseus login screen&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="Odysseus login screen" title="Odysseus login screen" srcset="https://substackcdn.com/image/fetch/$s_!_qoc!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda93bb8f-ac5c-494f-a20f-c8e777595fda_790x770.png 424w, https://substackcdn.com/image/fetch/$s_!_qoc!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda93bb8f-ac5c-494f-a20f-c8e777595fda_790x770.png 848w, https://substackcdn.com/image/fetch/$s_!_qoc!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda93bb8f-ac5c-494f-a20f-c8e777595fda_790x770.png 1272w, https://substackcdn.com/image/fetch/$s_!_qoc!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda93bb8f-ac5c-494f-a20f-c8e777595fda_790x770.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p style="text-align: center;"><em>The login screen. Username admin, password from the logs.</em></p><h1><strong>2. A quick look around</strong></h1><p>You land in the chat view with the full sidebar on the left: Chat, Search, Email, Tools, Brain, Calendar, Compare, Cookbook, Deep Research, Gallery, Library, Notes, Tasks. That sidebar is the giveaway that this is a complete orchestration platform, not just a chat box. We&#8217;ll come back to the headline features later.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!216v!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2afe2edd-2418-4253-b5d0-1206910ce8f8_2048x932.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!216v!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2afe2edd-2418-4253-b5d0-1206910ce8f8_2048x932.png 424w, https://substackcdn.com/image/fetch/$s_!216v!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2afe2edd-2418-4253-b5d0-1206910ce8f8_2048x932.png 848w, https://substackcdn.com/image/fetch/$s_!216v!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2afe2edd-2418-4253-b5d0-1206910ce8f8_2048x932.png 1272w, https://substackcdn.com/image/fetch/$s_!216v!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2afe2edd-2418-4253-b5d0-1206910ce8f8_2048x932.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!216v!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2afe2edd-2418-4253-b5d0-1206910ce8f8_2048x932.png" width="1456" height="663" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/2afe2edd-2418-4253-b5d0-1206910ce8f8_2048x932.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:663,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;Odysseus main interface&quot;,&quot;title&quot;:&quot;Odysseus main interface&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="Odysseus main interface" title="Odysseus main interface" srcset="https://substackcdn.com/image/fetch/$s_!216v!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2afe2edd-2418-4253-b5d0-1206910ce8f8_2048x932.png 424w, https://substackcdn.com/image/fetch/$s_!216v!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2afe2edd-2418-4253-b5d0-1206910ce8f8_2048x932.png 848w, https://substackcdn.com/image/fetch/$s_!216v!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2afe2edd-2418-4253-b5d0-1206910ce8f8_2048x932.png 1272w, https://substackcdn.com/image/fetch/$s_!216v!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2afe2edd-2418-4253-b5d0-1206910ce8f8_2048x932.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p style="text-align: center;"><em>The home view. Note the prompt: type /setup to get started, or just paste an endpoint in chat.</em></p><p>Right now though, the model picker says it all: <strong>&#8220;No models connected.&#8221;</strong> Nothing can happen until we give Odysseus a brain to talk to. That&#8217;s next.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!3Ihp!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8012fb6f-cd75-43a2-94c7-bc1eadbfb254_1678x424.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!3Ihp!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8012fb6f-cd75-43a2-94c7-bc1eadbfb254_1678x424.png 424w, https://substackcdn.com/image/fetch/$s_!3Ihp!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8012fb6f-cd75-43a2-94c7-bc1eadbfb254_1678x424.png 848w, https://substackcdn.com/image/fetch/$s_!3Ihp!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8012fb6f-cd75-43a2-94c7-bc1eadbfb254_1678x424.png 1272w, https://substackcdn.com/image/fetch/$s_!3Ihp!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8012fb6f-cd75-43a2-94c7-bc1eadbfb254_1678x424.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!3Ihp!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8012fb6f-cd75-43a2-94c7-bc1eadbfb254_1678x424.png" width="1456" height="368" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/8012fb6f-cd75-43a2-94c7-bc1eadbfb254_1678x424.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:368,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;No models connected&quot;,&quot;title&quot;:&quot;No models connected&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="No models connected" title="No models connected" srcset="https://substackcdn.com/image/fetch/$s_!3Ihp!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8012fb6f-cd75-43a2-94c7-bc1eadbfb254_1678x424.png 424w, https://substackcdn.com/image/fetch/$s_!3Ihp!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8012fb6f-cd75-43a2-94c7-bc1eadbfb254_1678x424.png 848w, https://substackcdn.com/image/fetch/$s_!3Ihp!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8012fb6f-cd75-43a2-94c7-bc1eadbfb254_1678x424.png 1272w, https://substackcdn.com/image/fetch/$s_!3Ihp!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8012fb6f-cd75-43a2-94c7-bc1eadbfb254_1678x424.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><h1><strong>3. Adding a model</strong></h1><p>Head into Settings from the sidebar. There&#8217;s a lot in here, you can set your default search engine for deep research and pick model defaults for different features, but let&#8217;s stay focused on the one job that matters first: adding a model. Two roads, cloud or local.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!OjwX!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ef59bf-f8f1-4084-8348-b2bfd22da2e0_1496x1252.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!OjwX!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ef59bf-f8f1-4084-8348-b2bfd22da2e0_1496x1252.png 424w, https://substackcdn.com/image/fetch/$s_!OjwX!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ef59bf-f8f1-4084-8348-b2bfd22da2e0_1496x1252.png 848w, https://substackcdn.com/image/fetch/$s_!OjwX!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ef59bf-f8f1-4084-8348-b2bfd22da2e0_1496x1252.png 1272w, https://substackcdn.com/image/fetch/$s_!OjwX!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ef59bf-f8f1-4084-8348-b2bfd22da2e0_1496x1252.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!OjwX!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ef59bf-f8f1-4084-8348-b2bfd22da2e0_1496x1252.png" width="1456" height="1219" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/99ef59bf-f8f1-4084-8348-b2bfd22da2e0_1496x1252.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1219,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;Settings &#8211; Add Models&quot;,&quot;title&quot;:&quot;Settings &#8211; Add Models&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="Settings &#8211; Add Models" title="Settings &#8211; Add Models" srcset="https://substackcdn.com/image/fetch/$s_!OjwX!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ef59bf-f8f1-4084-8348-b2bfd22da2e0_1496x1252.png 424w, https://substackcdn.com/image/fetch/$s_!OjwX!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ef59bf-f8f1-4084-8348-b2bfd22da2e0_1496x1252.png 848w, https://substackcdn.com/image/fetch/$s_!OjwX!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ef59bf-f8f1-4084-8348-b2bfd22da2e0_1496x1252.png 1272w, https://substackcdn.com/image/fetch/$s_!OjwX!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ef59bf-f8f1-4084-8348-b2bfd22da2e0_1496x1252.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p style="text-align: center;"><em>Settings &#8594; Add Models. Two endpoint types: LOCAL and API. Right now both read &#8220;None.&#8221;</em></p><h2><strong>The easy road: a cloud model</strong></h2><p>Adding a cloud model is about as simple as it gets. We&#8217;ve done this a million times. Open the API section, pick your provider from the dropdown, and it fills in the right API endpoint for you. Then paste in the key you got from that provider.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!zpbz!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F51b204bb-e6e0-4b53-bb43-35ae8c19d016_994x702.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!zpbz!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F51b204bb-e6e0-4b53-bb43-35ae8c19d016_994x702.png 424w, https://substackcdn.com/image/fetch/$s_!zpbz!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F51b204bb-e6e0-4b53-bb43-35ae8c19d016_994x702.png 848w, https://substackcdn.com/image/fetch/$s_!zpbz!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F51b204bb-e6e0-4b53-bb43-35ae8c19d016_994x702.png 1272w, https://substackcdn.com/image/fetch/$s_!zpbz!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F51b204bb-e6e0-4b53-bb43-35ae8c19d016_994x702.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!zpbz!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F51b204bb-e6e0-4b53-bb43-35ae8c19d016_994x702.png" width="994" height="702" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/51b204bb-e6e0-4b53-bb43-35ae8c19d016_994x702.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:702,&quot;width&quot;:994,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;API provider dropdown&quot;,&quot;title&quot;:&quot;API provider dropdown&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="API provider dropdown" title="API provider dropdown" srcset="https://substackcdn.com/image/fetch/$s_!zpbz!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F51b204bb-e6e0-4b53-bb43-35ae8c19d016_994x702.png 424w, https://substackcdn.com/image/fetch/$s_!zpbz!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F51b204bb-e6e0-4b53-bb43-35ae8c19d016_994x702.png 848w, https://substackcdn.com/image/fetch/$s_!zpbz!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F51b204bb-e6e0-4b53-bb43-35ae8c19d016_994x702.png 1272w, https://substackcdn.com/image/fetch/$s_!zpbz!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F51b204bb-e6e0-4b53-bb43-35ae8c19d016_994x702.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><h2><strong>The road I care about: a local model</strong></h2><p>Since the whole point here is security, I want to run a model <strong>on my own machine</strong>. For me that&#8217;s gemma4:26b. You&#8217;ll want it set up and serving <em>before</em> this step, I have a separate guide on doing that with Ollama here: </p><div class="digest-post-embed" data-attrs="{&quot;nodeId&quot;:&quot;6427b3e3-fbd9-4613-966d-c762e76a4cf1&quot;,&quot;caption&quot;:&quot;Last Issue: Agentic AI Hacking Project &#129302;&quot;,&quot;cta&quot;:null,&quot;showBylines&quot;:true,&quot;showDescription&quot;:true,&quot;showImage&quot;:true,&quot;size&quot;:&quot;lg&quot;,&quot;isEditorNode&quot;:true,&quot;title&quot;:&quot;How to run Gemma4 Locally with Claude Code &#127775;&quot;,&quot;publishedBylines&quot;:[{&quot;id&quot;:100797762,&quot;name&quot;:&quot;W J Pearce&quot;,&quot;bio&quot;:&quot;Cyber Security Engineer / YouTuber&quot;,&quot;photo_url&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/31d30c5a-0775-4efa-8cac-b6b9dfda9c05_361x361.jpeg&quot;,&quot;is_guest&quot;:false,&quot;bestseller_tier&quot;:null}],&quot;post_date&quot;:&quot;2026-05-03T18:30:54.031Z&quot;,&quot;cover_image&quot;:&quot;https://substackcdn.com/image/fetch/$s_!0umK!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a569d43-8e7f-45f5-9809-3ad8041d4e8e_702x582.png&quot;,&quot;cover_image_alt&quot;:null,&quot;canonical_url&quot;:&quot;https://www.cybernotes.tech/p/how-to-run-gemma4-locally-with-claude&quot;,&quot;section_name&quot;:null,&quot;video_upload_id&quot;:null,&quot;id&quot;:194597431,&quot;type&quot;:&quot;newsletter&quot;,&quot;reaction_count&quot;:4,&quot;comment_count&quot;:0,&quot;publication_id&quot;:2139894,&quot;publication_name&quot;:&quot;Cyber Notes&quot;,&quot;publication_logo_url&quot;:&quot;https://substackcdn.com/image/fetch/$s_!wiuw!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F96e971cf-35a8-446e-90a7-27e9f627abbb_256x256.png&quot;,&quot;belowTheFold&quot;:true,&quot;youtube_url&quot;:null,&quot;show_links&quot;:null,&quot;feed_url&quot;:null}"></div><p>Once your local model is being served, adding it to Odysseus is just one line. Open the LOCAL endpoint and paste:</p><blockquote><p><code>http://host.docker.internal:11434/v1</code></p></blockquote><p>(Odysseus even hints at this in its quick-start, on your own machine it&#8217;s the http://localhost:11434/v1 address; from <em>inside</em> a container you reach the host with host.docker.internal instead.)</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!J4WY!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdede724e-3e9c-4b59-a382-47b1eaa00932_1366x568.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!J4WY!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdede724e-3e9c-4b59-a382-47b1eaa00932_1366x568.png 424w, https://substackcdn.com/image/fetch/$s_!J4WY!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdede724e-3e9c-4b59-a382-47b1eaa00932_1366x568.png 848w, https://substackcdn.com/image/fetch/$s_!J4WY!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdede724e-3e9c-4b59-a382-47b1eaa00932_1366x568.png 1272w, https://substackcdn.com/image/fetch/$s_!J4WY!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdede724e-3e9c-4b59-a382-47b1eaa00932_1366x568.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!J4WY!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdede724e-3e9c-4b59-a382-47b1eaa00932_1366x568.png" width="1366" height="568" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/dede724e-3e9c-4b59-a382-47b1eaa00932_1366x568.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:568,&quot;width&quot;:1366,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;Local setup quick start&quot;,&quot;title&quot;:&quot;Local setup quick start&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="Local setup quick start" title="Local setup quick start" srcset="https://substackcdn.com/image/fetch/$s_!J4WY!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdede724e-3e9c-4b59-a382-47b1eaa00932_1366x568.png 424w, https://substackcdn.com/image/fetch/$s_!J4WY!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdede724e-3e9c-4b59-a382-47b1eaa00932_1366x568.png 848w, https://substackcdn.com/image/fetch/$s_!J4WY!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdede724e-3e9c-4b59-a382-47b1eaa00932_1366x568.png 1272w, https://substackcdn.com/image/fetch/$s_!J4WY!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdede724e-3e9c-4b59-a382-47b1eaa00932_1366x568.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><h1><strong>4. Wait?! What actually runs the model?</strong></h1><p> A 17 GB model like gemma4 <strong>isn&#8217;t a program you &#8220;open.&#8221;</strong> To actually generate text from it, something has to do a genuinely hard job:</p><ul><li><p>Load 17 GB of weights into memory (RAM or GPU memory) and keep them there.</p></li><li><p>Run the math, billions of matrix multiplications per response, using your Mac&#8217;s GPU/Neural Engine efficiently. </p></li><li><p>Manage the file formats, tokenization, quantization, context window, and the rest.</p></li></ul><p>That whole job is called an <strong>inference engine</strong>, and it&#8217;s a serious piece of engineering. <strong>Ollama is that engine</strong> (built on top of llama.cpp). Its entire reason to exist is to do this one hard thing well.</p><p>Odysseus is a different kind of app. It&#8217;s an <strong>orchestration / chat app</strong> &#8212; its job is everything <em>around</em> the model:</p><ul><li><p>the chat UI, login, and sessions</p></li><li><p>memory and RAG/search (that&#8217;s the chromadb + searxng containers)</p></li><li><p>tools, scheduling, email, MCP servers</p></li></ul><p>To get an answer, Odysseus doesn&#8217;t run the model itself: it just fires an HTTP request at the inference engine and gets text back:</p><blockquote><p><code>Odysseus  &#9472;&#9472;&#8220;here&#8217;s the prompt&#8221;&#9472;&gt;  Ollama  &#9472;&#9472;runs gemma4&#9472;&gt;   &#8220;here&#8217;s the answer&#8221;</code></p></blockquote><p>The whole reason the local setup is one little URL: you&#8217;re just pointing the orchestrator at the engine.</p><h1><strong>5. A word on security (read this before you play)</strong></h1><p>Before we start poking around, I highly recommend reading the project&#8217;s security notes: <a href="https://github.com/pewdiepie-archdaemon/odysseus#security-notes">github.com/pewdiepie-archdaemon/odysseus#security-notes</a>.</p><p>We&#8217;re not going to change any of these settings &#8212; but this is a fantastic learning opportunity. Take one line as an example:</p><blockquote><p><em>&#8220;Use SECURE_COOKIES=true when Odysseus is served through HTTPS by a trusted reverse proxy or private access gateway.&#8221;</em></p></blockquote><p>Ask yourself: <em>why would that be?</em> Do you know what a reverse proxy is? Sitting with questions like that, instead of just copy pasting and moving on, is exactly the approach that turns a fun weekend project into something genuinely worthwhile. Keep doing projects this way and before you know it you&#8217;ve built up a huge library of knowledge.</p><h1><strong>6. The feature tour</strong></h1><p>With a model connected, here&#8217;s the good stuff.</p><h2><strong>Chat: Talk to any model</strong></h2><p>Chat with any local model or API; adding them is as simple as we just saw. Here&#8217;s gemma4:26b answering a friendly &#8220;Hello, what are you?&#8221; &#8212; running entirely on my own hardware.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!9Hcy!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F07645c69-bc01-4f2c-99b3-0bbd4633d45c_1616x1358.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!9Hcy!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F07645c69-bc01-4f2c-99b3-0bbd4633d45c_1616x1358.png 424w, https://substackcdn.com/image/fetch/$s_!9Hcy!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F07645c69-bc01-4f2c-99b3-0bbd4633d45c_1616x1358.png 848w, https://substackcdn.com/image/fetch/$s_!9Hcy!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F07645c69-bc01-4f2c-99b3-0bbd4633d45c_1616x1358.png 1272w, https://substackcdn.com/image/fetch/$s_!9Hcy!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F07645c69-bc01-4f2c-99b3-0bbd4633d45c_1616x1358.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!9Hcy!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F07645c69-bc01-4f2c-99b3-0bbd4633d45c_1616x1358.png" width="1456" height="1224" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/07645c69-bc01-4f2c-99b3-0bbd4633d45c_1616x1358.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1224,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;Chat with gemma4:26b&quot;,&quot;title&quot;:&quot;Chat with gemma4:26b&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="Chat with gemma4:26b" title="Chat with gemma4:26b" srcset="https://substackcdn.com/image/fetch/$s_!9Hcy!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F07645c69-bc01-4f2c-99b3-0bbd4633d45c_1616x1358.png 424w, https://substackcdn.com/image/fetch/$s_!9Hcy!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F07645c69-bc01-4f2c-99b3-0bbd4633d45c_1616x1358.png 848w, https://substackcdn.com/image/fetch/$s_!9Hcy!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F07645c69-bc01-4f2c-99b3-0bbd4633d45c_1616x1358.png 1272w, https://substackcdn.com/image/fetch/$s_!9Hcy!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F07645c69-bc01-4f2c-99b3-0bbd4633d45c_1616x1358.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><h2><strong>Cookbook: Right sized models for your machine</strong></h2><p>Cookbook scans your hardware, recommends models that&#8217;ll actually run well, and lets you download and serve them with a click. Easy. This is where you (or I) can see which models suit the machine in front of us, with a clear read on VRAM, context, and speed before committing to a download.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!xNDm!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a0d7389-1276-4549-863e-5532b4641c08_1550x1632.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!xNDm!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a0d7389-1276-4549-863e-5532b4641c08_1550x1632.png 424w, https://substackcdn.com/image/fetch/$s_!xNDm!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a0d7389-1276-4549-863e-5532b4641c08_1550x1632.png 848w, https://substackcdn.com/image/fetch/$s_!xNDm!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a0d7389-1276-4549-863e-5532b4641c08_1550x1632.png 1272w, https://substackcdn.com/image/fetch/$s_!xNDm!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a0d7389-1276-4549-863e-5532b4641c08_1550x1632.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!xNDm!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a0d7389-1276-4549-863e-5532b4641c08_1550x1632.png" width="1456" height="1533" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/9a0d7389-1276-4549-863e-5532b4641c08_1550x1632.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1533,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;Cookbook hardware scan&quot;,&quot;title&quot;:&quot;Cookbook hardware scan&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="Cookbook hardware scan" title="Cookbook hardware scan" srcset="https://substackcdn.com/image/fetch/$s_!xNDm!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a0d7389-1276-4549-863e-5532b4641c08_1550x1632.png 424w, https://substackcdn.com/image/fetch/$s_!xNDm!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a0d7389-1276-4549-863e-5532b4641c08_1550x1632.png 848w, https://substackcdn.com/image/fetch/$s_!xNDm!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a0d7389-1276-4549-863e-5532b4641c08_1550x1632.png 1272w, https://substackcdn.com/image/fetch/$s_!xNDm!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a0d7389-1276-4549-863e-5532b4641c08_1550x1632.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><h2><strong>Deep Research: Multi-step reports</strong></h2><p>Deep Research runs multi-step jobs that gather, read, and synthesize sources into a clean visual report. You can steer the run (Auto, Product, Compare, How-to, Fact-check) and even pick the search engine, endpoint, and model per run. I kicked off: <em>&#8220;Give me a complete report on the new Nvidia announcement around Spark and its new line of CPUs.&#8221;</em></p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!ObzZ!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcae6ba88-2485-4d4d-a536-be84b2b8777e_1262x1464.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!ObzZ!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcae6ba88-2485-4d4d-a536-be84b2b8777e_1262x1464.png 424w, https://substackcdn.com/image/fetch/$s_!ObzZ!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcae6ba88-2485-4d4d-a536-be84b2b8777e_1262x1464.png 848w, https://substackcdn.com/image/fetch/$s_!ObzZ!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcae6ba88-2485-4d4d-a536-be84b2b8777e_1262x1464.png 1272w, https://substackcdn.com/image/fetch/$s_!ObzZ!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcae6ba88-2485-4d4d-a536-be84b2b8777e_1262x1464.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!ObzZ!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcae6ba88-2485-4d4d-a536-be84b2b8777e_1262x1464.png" width="1262" height="1464" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/cae6ba88-2485-4d4d-a536-be84b2b8777e_1262x1464.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1464,&quot;width&quot;:1262,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;Deep Research run&quot;,&quot;title&quot;:&quot;Deep Research run&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="Deep Research run" title="Deep Research run" srcset="https://substackcdn.com/image/fetch/$s_!ObzZ!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcae6ba88-2485-4d4d-a536-be84b2b8777e_1262x1464.png 424w, https://substackcdn.com/image/fetch/$s_!ObzZ!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcae6ba88-2485-4d4d-a536-be84b2b8777e_1262x1464.png 848w, https://substackcdn.com/image/fetch/$s_!ObzZ!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcae6ba88-2485-4d4d-a536-be84b2b8777e_1262x1464.png 1272w, https://substackcdn.com/image/fetch/$s_!ObzZ!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcae6ba88-2485-4d4d-a536-be84b2b8777e_1262x1464.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>And yes, because we set the search engine ourselves, the whole pipeline stays self-hosted too. Odysseus defaults to <strong>SearXNG (self-hosted)</strong>, with DuckDuckGo, Brave, Tavily and others available if you&#8217;d rather.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!2BTd!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e82dd61-c218-465b-9ec4-0e5aa3633f26_1480x1242.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!2BTd!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e82dd61-c218-465b-9ec4-0e5aa3633f26_1480x1242.png 424w, https://substackcdn.com/image/fetch/$s_!2BTd!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e82dd61-c218-465b-9ec4-0e5aa3633f26_1480x1242.png 848w, https://substackcdn.com/image/fetch/$s_!2BTd!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e82dd61-c218-465b-9ec4-0e5aa3633f26_1480x1242.png 1272w, https://substackcdn.com/image/fetch/$s_!2BTd!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e82dd61-c218-465b-9ec4-0e5aa3633f26_1480x1242.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!2BTd!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e82dd61-c218-465b-9ec4-0e5aa3633f26_1480x1242.png" width="1456" height="1222" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/5e82dd61-c218-465b-9ec4-0e5aa3633f26_1480x1242.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1222,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;Web search provider settings&quot;,&quot;title&quot;:&quot;Web search provider settings&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="Web search provider settings" title="Web search provider settings" srcset="https://substackcdn.com/image/fetch/$s_!2BTd!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e82dd61-c218-465b-9ec4-0e5aa3633f26_1480x1242.png 424w, https://substackcdn.com/image/fetch/$s_!2BTd!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e82dd61-c218-465b-9ec4-0e5aa3633f26_1480x1242.png 848w, https://substackcdn.com/image/fetch/$s_!2BTd!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e82dd61-c218-465b-9ec4-0e5aa3633f26_1480x1242.png 1272w, https://substackcdn.com/image/fetch/$s_!2BTd!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e82dd61-c218-465b-9ec4-0e5aa3633f26_1480x1242.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>One more settings note worth knowing: under <strong>AI Defaults</strong> you can set the default chat model, a smaller &#8220;utility&#8221; model for background tasks like memory and auto-naming, and even a vision model for images. Set it once and forget it.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!47iz!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8d22ab85-11a9-45c8-9531-eadd36ab693f_1466x1504.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!47iz!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8d22ab85-11a9-45c8-9531-eadd36ab693f_1466x1504.png 424w, https://substackcdn.com/image/fetch/$s_!47iz!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8d22ab85-11a9-45c8-9531-eadd36ab693f_1466x1504.png 848w, https://substackcdn.com/image/fetch/$s_!47iz!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8d22ab85-11a9-45c8-9531-eadd36ab693f_1466x1504.png 1272w, https://substackcdn.com/image/fetch/$s_!47iz!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8d22ab85-11a9-45c8-9531-eadd36ab693f_1466x1504.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!47iz!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8d22ab85-11a9-45c8-9531-eadd36ab693f_1466x1504.png" width="1456" height="1494" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/8d22ab85-11a9-45c8-9531-eadd36ab693f_1466x1504.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1494,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;AI Defaults settings&quot;,&quot;title&quot;:&quot;AI Defaults settings&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="AI Defaults settings" title="AI Defaults settings" srcset="https://substackcdn.com/image/fetch/$s_!47iz!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8d22ab85-11a9-45c8-9531-eadd36ab693f_1466x1504.png 424w, https://substackcdn.com/image/fetch/$s_!47iz!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8d22ab85-11a9-45c8-9531-eadd36ab693f_1466x1504.png 848w, https://substackcdn.com/image/fetch/$s_!47iz!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8d22ab85-11a9-45c8-9531-eadd36ab693f_1466x1504.png 1272w, https://substackcdn.com/image/fetch/$s_!47iz!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8d22ab85-11a9-45c8-9531-eadd36ab693f_1466x1504.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><h1><strong>Explore and have fun</strong></h1><p>I&#8217;ve covered the basics here. I encourage to take a look at all the other features it has to offer and really take the time to understand what&#8217;s happening at each stage. Understanding how to correctly use an AI orchestration platform is soon becoming an non negotiable skill in Cloud and Security.</p><p><strong>W J Pearce - Cyber Notes: </strong><em>Keep it secure, keep it light hearted</em></p><div><hr></div><p><strong>Calm, practical &amp; self paced training to help you break into Cloud Security &amp; DevSecOps</strong></p><p>&#128073; Pre-order here: <strong><a href="https://techtwoforty.com/">techtwoforty.com</a></strong></p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!rKhC!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!rKhC!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 424w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 848w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1272w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!rKhC!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png" width="1456" height="772" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/df391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:772,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:555834,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/180790089?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff0f4ee27-789b-45a5-bdff-eddb2af3398c_2614x1148.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!rKhC!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 424w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 848w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1272w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div>]]></content:encoded></item><item><title><![CDATA[Claude Code for Cloud Security: What you should know 🌩️ ]]></title><description><![CDATA[New capabilities...New Skills...New ways to work...]]></description><link>https://www.cybernotes.tech/p/claude-code-for-cloud-security-what</link><guid isPermaLink="false">https://www.cybernotes.tech/p/claude-code-for-cloud-security-what</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 31 May 2026 18:30:54 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!uU9_!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F154947b8-d967-4f67-aed0-a4570da3f482_883x441.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:&quot;&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue: </strong><a href="http://cybernotes.tech">Quick Weekend Project: WARP Terminal &#9000;&#65039;</a></p><p><strong>Next Issue:</strong> <a href="http://cybernotes.tech">Are Cloud Security Certs Still even worth it?</a></p><div><hr></div><p><strong>AI skills used to be &#8220;cool to know.&#8221; Now they&#8217;re &#8220;need to know&#8221; and if you&#8217;re early in your cloud security career, that  can feel like drinking from a firehose.</strong></p><p><strong>Good news:</strong> you don&#8217;t need to learn everything.</p><p>Here are three <strong>very basic</strong> ways I&#8217;m actually using Claude Code in my day to day cloud security work. All stuff you can copy this week.</p><h3>1. Stop fighting the AWS CLI</h3><p>The AWS CLI is essential. The syntax is also brutal. Nobody remembers the flag order for <code>aws s3 put-bucket-policy</code> off the top of their head.</p><p>Claude Code fixes this. Launch it in your terminal and just <em>ask</em>:</p><ul><li><p>&#8220;List my S3 buckets&#8221; &#8594; it runs the bash, returns a clean table.</p></li><li><p>&#8220;Create a text file and push it to bucket X&#8221; &#8594; done.</p></li><li><p>&#8220;Delete this bucket&#8221; &#8594; it actually pauses and warns you the action is irreversible before proceeding. Small thing. Saved me already.</p></li></ul><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!JeOp!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F47caa917-10c4-4b7f-be92-55eed58ae4d0_654x284.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!JeOp!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F47caa917-10c4-4b7f-be92-55eed58ae4d0_654x284.png 424w, https://substackcdn.com/image/fetch/$s_!JeOp!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F47caa917-10c4-4b7f-be92-55eed58ae4d0_654x284.png 848w, https://substackcdn.com/image/fetch/$s_!JeOp!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F47caa917-10c4-4b7f-be92-55eed58ae4d0_654x284.png 1272w, https://substackcdn.com/image/fetch/$s_!JeOp!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F47caa917-10c4-4b7f-be92-55eed58ae4d0_654x284.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!JeOp!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F47caa917-10c4-4b7f-be92-55eed58ae4d0_654x284.png" width="654" height="284" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/47caa917-10c4-4b7f-be92-55eed58ae4d0_654x284.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:284,&quot;width&quot;:654,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:49991,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/181079936?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F47caa917-10c4-4b7f-be92-55eed58ae4d0_654x284.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!JeOp!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F47caa917-10c4-4b7f-be92-55eed58ae4d0_654x284.png 424w, https://substackcdn.com/image/fetch/$s_!JeOp!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F47caa917-10c4-4b7f-be92-55eed58ae4d0_654x284.png 848w, https://substackcdn.com/image/fetch/$s_!JeOp!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F47caa917-10c4-4b7f-be92-55eed58ae4d0_654x284.png 1272w, https://substackcdn.com/image/fetch/$s_!JeOp!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F47caa917-10c4-4b7f-be92-55eed58ae4d0_654x284.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><strong>One caveat I won&#8217;t shut up about:</strong> a compromised Claude Code session is a compromised AWS estate. So before you let it loose:</p><ul><li><p>Scope it to a dedicated IAM user with minimal permissions</p></li><li><p>Run it inside a dummy virtual environment</p></li><li><p>Store your credentials in AWS Vault, not in plaintext config files</p></li></ul><p>This is the difference between a productivity boost and a breach waiting to happen.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!hTGc!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd84b5983-947f-4db3-bdb3-cf09ba6ffcf8_491x362.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!hTGc!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd84b5983-947f-4db3-bdb3-cf09ba6ffcf8_491x362.png 424w, https://substackcdn.com/image/fetch/$s_!hTGc!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd84b5983-947f-4db3-bdb3-cf09ba6ffcf8_491x362.png 848w, https://substackcdn.com/image/fetch/$s_!hTGc!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd84b5983-947f-4db3-bdb3-cf09ba6ffcf8_491x362.png 1272w, https://substackcdn.com/image/fetch/$s_!hTGc!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd84b5983-947f-4db3-bdb3-cf09ba6ffcf8_491x362.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!hTGc!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd84b5983-947f-4db3-bdb3-cf09ba6ffcf8_491x362.png" width="491" height="362" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/d84b5983-947f-4db3-bdb3-cf09ba6ffcf8_491x362.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:362,&quot;width&quot;:491,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:76489,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/181079936?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd84b5983-947f-4db3-bdb3-cf09ba6ffcf8_491x362.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!hTGc!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd84b5983-947f-4db3-bdb3-cf09ba6ffcf8_491x362.png 424w, https://substackcdn.com/image/fetch/$s_!hTGc!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd84b5983-947f-4db3-bdb3-cf09ba6ffcf8_491x362.png 848w, https://substackcdn.com/image/fetch/$s_!hTGc!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd84b5983-947f-4db3-bdb3-cf09ba6ffcf8_491x362.png 1272w, https://substackcdn.com/image/fetch/$s_!hTGc!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd84b5983-947f-4db3-bdb3-cf09ba6ffcf8_491x362.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><h3>2. Terraform that doesn&#8217;t embarrass you</h3><p>Cloud security engineers live in Infrastructure as Code. Mostly Terraform.</p><p>Here&#8217;s the problem: vanilla AI generated Terraform is shitty. Inconsistent naming, no modules, no security checks, no thought to versioning. Fine for a tutorial. Useless in production.</p><p>The fix is using a proper Terraform skill, one that bakes in:</p><ul><li><p>Pinned versions and consistent formatting</p></li><li><p>Reusable modules</p></li><li><p>Testing frameworks and CI/CD hooks</p></li><li><p>Security scanning with Trivy and policy as code</p></li></ul><p>I tested it with a basic ask: VPC, two subnets, an EC2 instance. Standard models gave me something that would fail any half-decent review. Claude with the Terraform skill loaded up in VS Code pinned everything correctly and<em> </em>automatically split VPC security group ingress and egress into separate rules. which is the modern best practice most tutorials still get wrong.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!uU9_!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F154947b8-d967-4f67-aed0-a4570da3f482_883x441.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!uU9_!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F154947b8-d967-4f67-aed0-a4570da3f482_883x441.png 424w, https://substackcdn.com/image/fetch/$s_!uU9_!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F154947b8-d967-4f67-aed0-a4570da3f482_883x441.png 848w, https://substackcdn.com/image/fetch/$s_!uU9_!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F154947b8-d967-4f67-aed0-a4570da3f482_883x441.png 1272w, https://substackcdn.com/image/fetch/$s_!uU9_!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F154947b8-d967-4f67-aed0-a4570da3f482_883x441.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!uU9_!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F154947b8-d967-4f67-aed0-a4570da3f482_883x441.png" width="883" height="441" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/154947b8-d967-4f67-aed0-a4570da3f482_883x441.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:441,&quot;width&quot;:883,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:286033,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/181079936?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F154947b8-d967-4f67-aed0-a4570da3f482_883x441.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!uU9_!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F154947b8-d967-4f67-aed0-a4570da3f482_883x441.png 424w, https://substackcdn.com/image/fetch/$s_!uU9_!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F154947b8-d967-4f67-aed0-a4570da3f482_883x441.png 848w, https://substackcdn.com/image/fetch/$s_!uU9_!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F154947b8-d967-4f67-aed0-a4570da3f482_883x441.png 1272w, https://substackcdn.com/image/fetch/$s_!uU9_!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F154947b8-d967-4f67-aed0-a4570da3f482_883x441.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><h3>3. Connect everything with Docker MCP</h3><p>Containerisation is the bread and butter of this job. So is wiring tools together.</p><p>Historically, getting AI to talk to your tools meant writing custom API integrations for every single one. That gets ugly fast.</p><p>Enter <strong>Model Context Protocol</strong>. It&#8217;s a standardised way for LLMs to talk to external tools. Instead of teaching the AI how to authenticate against ten different APIs, you run an MCP server in the middle that handles all of that for you.</p><p>The easiest on ramp is Docker Desktop&#8217;s MCP support. Quick demo: I spun up the Obsidian MCP server, gave it a local REST API token, and Claude Code immediately connected to my vault. Now I can:</p><ul><li><p>Generate a structured note (AWS pen testing rules of engagement)</p></li><li><p>Drop it into the right folder</p></li><li><p>Query that knowledge later from any Claude session</p></li></ul><p>That&#8217;s a real second brain. And it took about ten minutes to set up.</p><h3>Takeaway</h3><p>You don&#8217;t need to chase every shiny AI project. You need to find the manual, repetitive parts of your workflow, writing Terraform, typing CLI commands, organising notes and offload them.</p><p>You still need to understand what&#8217;s happening underneath. AI is amazing at doing the boring parts <em>for</em> you. It&#8217;s terrible at being your fundamentals.</p><div><hr></div><h2><em><strong>WJPearce - Cyber Notes</strong></em></h2><p><strong>&#11015;&#65039; &#11015;&#65039; &#11015;&#65039; &#11015;&#65039; More Projects &#11015;&#65039; &#11015;&#65039; &#11015;&#65039; &#11015;&#65039;</strong></p><h4><strong><a href="https://wjpearce.substack.com/p/the-ultimate-cloud-project">The Ultimate Cloud Project &#9729;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/devsecops-aws-project">DevSecOps AWS Project</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/supply-chain-security-project">Supply Chain Security Project &#128230; &#9876;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/you-should-learn-aws-security-hub">You should learn AWS Security Hub CSPM</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-ultimate-docker-project">The Ultimate Docker Project&#128011;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/part-two-the-ultimate-docker-project">Part Two: The Ultimate Docker Project &#128011;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-aws-starter-pack">The AWS Starter Pack</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/easy-cloud-devops-project">Easy Cloud DevOps Project&#128295;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/new-aws-account-step-by-step-guide">New AWS Account Step-by-Step Guide&#10004;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/beginner-ai-cloud-cv-project">Beginner AI Cloud CV Project&#128221;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/sql-injection-made-simple">SQL Injection: Made Simple &#128137;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/easy-cloud-automation-project">Easy Cloud Automation Project &#9881;&#65039;</a></strong></h4>]]></content:encoded></item><item><title><![CDATA[Quick Weekend Project: WARP Terminal ⌨️]]></title><description><![CDATA[The way we work is changing...]]></description><link>https://www.cybernotes.tech/p/quick-weekend-project-warp-terminal</link><guid isPermaLink="false">https://www.cybernotes.tech/p/quick-weekend-project-warp-terminal</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 17 May 2026 18:30:58 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!3Koe!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcfa893e9-0dcb-4916-a55e-dabad7181368_2000x800.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:&quot;&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue: </strong><a href="http://cybernotes.tech">How to run Gemma4 Locally with Claude Code &#127775;</a></p><p><strong>Next Issue: </strong><a href="http://cybernotes.tech">Claude Code for Cloud Security: What you should know &#127785;&#65039;</a></p><div><hr></div><p><em><strong>The core fundamentals remain the same, but the way we interact with them is changing.</strong></em><strong> </strong></p><p>In DevSecOps and Cloud Security you need to know how teams are building and shipping code. This is the future. </p><p>It&#8217;s not just other teams code though, Cloud Security Engineers are still:</p><p>&#8226; Deploying Terraform, but now with <strong>AI assisted</strong> security checks built directly into the pipeline.<br>&#8226; Monitoring cloud environments, but now with <strong>AI driven</strong> alerting and drift detection.<br>&#8226; Writing scripts, but now with <strong>AI supported</strong> coding tools that accelerate delivery.<br>&#8226; Performing security architecture reviews, but now with <strong>AI copilots</strong> that help analyse risk faster.<br>&#8226; Working in Linux environments, increasingly enhanced by <strong>AI tooling</strong>.<br>&#8226; Managing networking, now supported by <strong>AI assisted</strong> troubleshooting and optimisation.</p><p>You can see where this is going&#8230;.</p><p>With that in mind, one of the first skills you&#8217;ll use every day is the terminal.</p><h3>So let&#8217;s learn how to use Warp, a modern agentic terminal designed for how security engineers work in 2026.</h3><p>What we&#8217;re going to cover</p><ul><li><p>Installation</p></li><li><p>What is it</p></li><li><p>Fun Useful Features </p></li><li><p>Coding Features</p></li><li><p>Agent Mode</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!3Koe!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcfa893e9-0dcb-4916-a55e-dabad7181368_2000x800.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!3Koe!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcfa893e9-0dcb-4916-a55e-dabad7181368_2000x800.png 424w, https://substackcdn.com/image/fetch/$s_!3Koe!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcfa893e9-0dcb-4916-a55e-dabad7181368_2000x800.png 848w, https://substackcdn.com/image/fetch/$s_!3Koe!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcfa893e9-0dcb-4916-a55e-dabad7181368_2000x800.png 1272w, https://substackcdn.com/image/fetch/$s_!3Koe!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcfa893e9-0dcb-4916-a55e-dabad7181368_2000x800.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!3Koe!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcfa893e9-0dcb-4916-a55e-dabad7181368_2000x800.png" width="1456" height="582" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/cfa893e9-0dcb-4916-a55e-dabad7181368_2000x800.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:582,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:19690,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/194644612?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcfa893e9-0dcb-4916-a55e-dabad7181368_2000x800.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!3Koe!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcfa893e9-0dcb-4916-a55e-dabad7181368_2000x800.png 424w, https://substackcdn.com/image/fetch/$s_!3Koe!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcfa893e9-0dcb-4916-a55e-dabad7181368_2000x800.png 848w, https://substackcdn.com/image/fetch/$s_!3Koe!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcfa893e9-0dcb-4916-a55e-dabad7181368_2000x800.png 1272w, https://substackcdn.com/image/fetch/$s_!3Koe!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcfa893e9-0dcb-4916-a55e-dabad7181368_2000x800.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div></li></ul><div><hr></div><h3><strong>Installation:</strong> </h3><p>Install here, <a href="https://app.warp.dev/get_warp?package=dmg">warp.dev</a> and download the <strong>.DMG</strong></p><p>or via the <strong>CLI</strong> with: </p><div class="highlighted_code_block" data-attrs="{&quot;language&quot;:&quot;plaintext&quot;,&quot;nodeId&quot;:&quot;ab617ebd-bcef-4e29-8c8e-a6ce30ea3d13&quot;}" data-component-name="HighlightedCodeBlockToDOM"><pre class="shiki"><code class="language-plaintext">brew install --cask warp</code></pre></div><p>Or for <strong>Windows</strong> just got here and install the <strong>.exe</strong> file: </p><p><a href="https://www.warp.dev/windows-terminal">https://www.warp.dev/windows-terminal</a></p><div><hr></div><h3>What is it?</h3><p>When you first open warp, after signing in in etc you&#8217;ll be faced with a blank terminal and that&#8217;s because warp is just&#8230;.a terminal. Sort of. </p><p>While that's technically true, it&#8217;s also so much more.</p><ul><li><p>Modern terminal built from scratch in Rust</p></li><li><p>AI agent built directly into the terminal</p></li><li><p>GPU rendered UI for speed</p></li><li><p>Team collaboration features via Warp Drive</p></li><li><p>Warp supports all major shells, including Zsh, Bash, Fish, and PowerShell across macOS, Linux, and Windows</p></li></ul><p>Let&#8217;s take a look at what it can do now and why in 2026 I think it should be your default terminal.</p><div><hr></div><h3><strong>Fun </strong>Useful<strong> Features</strong> </h3><p><strong>Auto Complete File Path</strong></p><p>Okay, starting off with the &#8220;Nice to have&#8220; features. Warp has autocomplete, where it shows you a path based on your activity history which is super handy if you can&#8217;t remember the exact name/structure of a file path you&#8217;ve recently worked on.</p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!N1K0!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99666eed-f4b7-404c-aab7-1a7578e26413_497x219.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!N1K0!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99666eed-f4b7-404c-aab7-1a7578e26413_497x219.png 424w, https://substackcdn.com/image/fetch/$s_!N1K0!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99666eed-f4b7-404c-aab7-1a7578e26413_497x219.png 848w, https://substackcdn.com/image/fetch/$s_!N1K0!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99666eed-f4b7-404c-aab7-1a7578e26413_497x219.png 1272w, https://substackcdn.com/image/fetch/$s_!N1K0!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99666eed-f4b7-404c-aab7-1a7578e26413_497x219.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!N1K0!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99666eed-f4b7-404c-aab7-1a7578e26413_497x219.png" width="439" height="193.4426559356137" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/99666eed-f4b7-404c-aab7-1a7578e26413_497x219.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:219,&quot;width&quot;:497,&quot;resizeWidth&quot;:439,&quot;bytes&quot;:40531,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/194644612?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99666eed-f4b7-404c-aab7-1a7578e26413_497x219.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!N1K0!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99666eed-f4b7-404c-aab7-1a7578e26413_497x219.png 424w, https://substackcdn.com/image/fetch/$s_!N1K0!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99666eed-f4b7-404c-aab7-1a7578e26413_497x219.png 848w, https://substackcdn.com/image/fetch/$s_!N1K0!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99666eed-f4b7-404c-aab7-1a7578e26413_497x219.png 1272w, https://substackcdn.com/image/fetch/$s_!N1K0!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99666eed-f4b7-404c-aab7-1a7578e26413_497x219.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p><strong>Auto Complete Tool Context</strong></p><p>In addition to auto complete for file paths it brings up the relevant options for a tool your using and quick description on what they do. Here I have typed docker and it&#8217;s suggesting all the commands I might want to use. </p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!uI2D!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fca9c421d-1954-40db-b2c1-095cefc9b191_473x265.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!uI2D!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fca9c421d-1954-40db-b2c1-095cefc9b191_473x265.png 424w, https://substackcdn.com/image/fetch/$s_!uI2D!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fca9c421d-1954-40db-b2c1-095cefc9b191_473x265.png 848w, https://substackcdn.com/image/fetch/$s_!uI2D!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fca9c421d-1954-40db-b2c1-095cefc9b191_473x265.png 1272w, https://substackcdn.com/image/fetch/$s_!uI2D!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fca9c421d-1954-40db-b2c1-095cefc9b191_473x265.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!uI2D!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fca9c421d-1954-40db-b2c1-095cefc9b191_473x265.png" width="407" height="228.02325581395348" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/ca9c421d-1954-40db-b2c1-095cefc9b191_473x265.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:265,&quot;width&quot;:473,&quot;resizeWidth&quot;:407,&quot;bytes&quot;:37322,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/194644612?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fca9c421d-1954-40db-b2c1-095cefc9b191_473x265.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!uI2D!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fca9c421d-1954-40db-b2c1-095cefc9b191_473x265.png 424w, https://substackcdn.com/image/fetch/$s_!uI2D!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fca9c421d-1954-40db-b2c1-095cefc9b191_473x265.png 848w, https://substackcdn.com/image/fetch/$s_!uI2D!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fca9c421d-1954-40db-b2c1-095cefc9b191_473x265.png 1272w, https://substackcdn.com/image/fetch/$s_!uI2D!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fca9c421d-1954-40db-b2c1-095cefc9b191_473x265.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p><strong>Vertical Split Windows</strong></p><p>A nice touch is the vertical window splitting so you can quickly see and select between multiple terminal sessions. Again, not ground breaking but  handy.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!LEeZ!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8330b8c0-20d9-4a59-99d1-67b82631dfef_261x289.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!LEeZ!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8330b8c0-20d9-4a59-99d1-67b82631dfef_261x289.png 424w, https://substackcdn.com/image/fetch/$s_!LEeZ!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8330b8c0-20d9-4a59-99d1-67b82631dfef_261x289.png 848w, https://substackcdn.com/image/fetch/$s_!LEeZ!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8330b8c0-20d9-4a59-99d1-67b82631dfef_261x289.png 1272w, https://substackcdn.com/image/fetch/$s_!LEeZ!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8330b8c0-20d9-4a59-99d1-67b82631dfef_261x289.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!LEeZ!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8330b8c0-20d9-4a59-99d1-67b82631dfef_261x289.png" width="233" height="257.9961685823755" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/8330b8c0-20d9-4a59-99d1-67b82631dfef_261x289.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:289,&quot;width&quot;:261,&quot;resizeWidth&quot;:233,&quot;bytes&quot;:27554,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/194644612?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8330b8c0-20d9-4a59-99d1-67b82631dfef_261x289.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!LEeZ!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8330b8c0-20d9-4a59-99d1-67b82631dfef_261x289.png 424w, https://substackcdn.com/image/fetch/$s_!LEeZ!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8330b8c0-20d9-4a59-99d1-67b82631dfef_261x289.png 848w, https://substackcdn.com/image/fetch/$s_!LEeZ!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8330b8c0-20d9-4a59-99d1-67b82631dfef_261x289.png 1272w, https://substackcdn.com/image/fetch/$s_!LEeZ!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8330b8c0-20d9-4a59-99d1-67b82631dfef_261x289.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><strong>Vertical Split Panes </strong></p><p>You can of course, split the same window to have extra context with <code>cmd + d</code></p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!sD3T!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd647563c-c816-4c8c-a424-cf17c4902573_778x182.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!sD3T!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd647563c-c816-4c8c-a424-cf17c4902573_778x182.png 424w, https://substackcdn.com/image/fetch/$s_!sD3T!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd647563c-c816-4c8c-a424-cf17c4902573_778x182.png 848w, https://substackcdn.com/image/fetch/$s_!sD3T!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd647563c-c816-4c8c-a424-cf17c4902573_778x182.png 1272w, https://substackcdn.com/image/fetch/$s_!sD3T!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd647563c-c816-4c8c-a424-cf17c4902573_778x182.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!sD3T!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd647563c-c816-4c8c-a424-cf17c4902573_778x182.png" width="620" height="145.03856041131107" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/d647563c-c816-4c8c-a424-cf17c4902573_778x182.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:182,&quot;width&quot;:778,&quot;resizeWidth&quot;:620,&quot;bytes&quot;:17273,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/194644612?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd647563c-c816-4c8c-a424-cf17c4902573_778x182.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!sD3T!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd647563c-c816-4c8c-a424-cf17c4902573_778x182.png 424w, https://substackcdn.com/image/fetch/$s_!sD3T!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd647563c-c816-4c8c-a424-cf17c4902573_778x182.png 848w, https://substackcdn.com/image/fetch/$s_!sD3T!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd647563c-c816-4c8c-a424-cf17c4902573_778x182.png 1272w, https://substackcdn.com/image/fetch/$s_!sD3T!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd647563c-c816-4c8c-a424-cf17c4902573_778x182.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p><strong>Block Filtering</strong></p><p>Yes I know how to <code>grep</code>, <code>tail etc</code> and you should 100%  know how todo this manually but lets be real. Being able to see the results disappear that aren&#8217;t relevant is a nice for light work and ESPECIALLY for log hunting quickly</p><p>Typing <code>ls</code></p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!36YC!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11746a70-9512-4c57-8a5a-88f7cc7a48cc_761x190.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!36YC!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11746a70-9512-4c57-8a5a-88f7cc7a48cc_761x190.png 424w, https://substackcdn.com/image/fetch/$s_!36YC!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11746a70-9512-4c57-8a5a-88f7cc7a48cc_761x190.png 848w, https://substackcdn.com/image/fetch/$s_!36YC!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11746a70-9512-4c57-8a5a-88f7cc7a48cc_761x190.png 1272w, https://substackcdn.com/image/fetch/$s_!36YC!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11746a70-9512-4c57-8a5a-88f7cc7a48cc_761x190.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!36YC!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11746a70-9512-4c57-8a5a-88f7cc7a48cc_761x190.png" width="634" height="158.29172141918528" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/11746a70-9512-4c57-8a5a-88f7cc7a48cc_761x190.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:190,&quot;width&quot;:761,&quot;resizeWidth&quot;:634,&quot;bytes&quot;:19288,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/194644612?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11746a70-9512-4c57-8a5a-88f7cc7a48cc_761x190.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!36YC!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11746a70-9512-4c57-8a5a-88f7cc7a48cc_761x190.png 424w, https://substackcdn.com/image/fetch/$s_!36YC!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11746a70-9512-4c57-8a5a-88f7cc7a48cc_761x190.png 848w, https://substackcdn.com/image/fetch/$s_!36YC!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11746a70-9512-4c57-8a5a-88f7cc7a48cc_761x190.png 1272w, https://substackcdn.com/image/fetch/$s_!36YC!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F11746a70-9512-4c57-8a5a-88f7cc7a48cc_761x190.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p>Then filtering out the results with the button in the top right</p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!WdZX!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6dd3d681-d61a-4e38-9b94-1155a5bcce27_750x180.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!WdZX!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6dd3d681-d61a-4e38-9b94-1155a5bcce27_750x180.png 424w, https://substackcdn.com/image/fetch/$s_!WdZX!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6dd3d681-d61a-4e38-9b94-1155a5bcce27_750x180.png 848w, https://substackcdn.com/image/fetch/$s_!WdZX!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6dd3d681-d61a-4e38-9b94-1155a5bcce27_750x180.png 1272w, https://substackcdn.com/image/fetch/$s_!WdZX!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6dd3d681-d61a-4e38-9b94-1155a5bcce27_750x180.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!WdZX!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6dd3d681-d61a-4e38-9b94-1155a5bcce27_750x180.png" width="636" height="152.64" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6dd3d681-d61a-4e38-9b94-1155a5bcce27_750x180.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:180,&quot;width&quot;:750,&quot;resizeWidth&quot;:636,&quot;bytes&quot;:21498,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/194644612?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6dd3d681-d61a-4e38-9b94-1155a5bcce27_750x180.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!WdZX!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6dd3d681-d61a-4e38-9b94-1155a5bcce27_750x180.png 424w, https://substackcdn.com/image/fetch/$s_!WdZX!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6dd3d681-d61a-4e38-9b94-1155a5bcce27_750x180.png 848w, https://substackcdn.com/image/fetch/$s_!WdZX!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6dd3d681-d61a-4e38-9b94-1155a5bcce27_750x180.png 1272w, https://substackcdn.com/image/fetch/$s_!WdZX!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6dd3d681-d61a-4e38-9b94-1155a5bcce27_750x180.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><div><hr></div><h3><strong>Coding Features</strong> </h3><p>Nice to haves aside, what are some of the features that really make warp worth learning here. </p><p>When you&#8217;e working on a project you&#8217;ve cloned from Github you instantly see a few cool things. Again, not a substitute for learning how todo these thing manually. </p><h3><strong>As usual, I reserve the Projects for community members&#8230;Come join the fun! &#127757;</strong></h3><p></p>
      <p>
          <a href="https://www.cybernotes.tech/p/quick-weekend-project-warp-terminal">
              Read more
          </a>
      </p>
   ]]></content:encoded></item><item><title><![CDATA[How to run Gemma4 Locally with Claude Code 🌟]]></title><description><![CDATA[No more hitting those limits!]]></description><link>https://www.cybernotes.tech/p/how-to-run-gemma4-locally-with-claude</link><guid isPermaLink="false">https://www.cybernotes.tech/p/how-to-run-gemma4-locally-with-claude</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 03 May 2026 18:30:54 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!0umK!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a569d43-8e7f-45f5-9809-3ad8041d4e8e_702x582.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:&quot;&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue: </strong><a href="http://cybernotes.tech">Agentic AI Hacking Project &#129302;</a></p><p><strong>Next Issue: </strong><a href="http://cybernotes.tech">Claude Code for Cloud Security: What you should know &#127785;&#65039;</a></p><div><hr></div><h3>Quick one this week&#8230; </h3><p>I want to show you how to run Gemma 4, Google&#8217;s free open source model, locally.</p><p><strong>This is cool enough on its own,</strong> and running local AI models is something you should definitely do at least once before you deploy them into the cloud. But for my use case here, it&#8217;s to avoid hitting those pesky Claude code limits every two minutes.</p><p>You don&#8217;t have to use Gemma 4 here, but if you take a look at the recent benchmarks compared to some of the bigger models, it&#8217;s really worth at least trying it out.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!0umK!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a569d43-8e7f-45f5-9809-3ad8041d4e8e_702x582.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!0umK!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a569d43-8e7f-45f5-9809-3ad8041d4e8e_702x582.png 424w, https://substackcdn.com/image/fetch/$s_!0umK!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a569d43-8e7f-45f5-9809-3ad8041d4e8e_702x582.png 848w, https://substackcdn.com/image/fetch/$s_!0umK!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a569d43-8e7f-45f5-9809-3ad8041d4e8e_702x582.png 1272w, https://substackcdn.com/image/fetch/$s_!0umK!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a569d43-8e7f-45f5-9809-3ad8041d4e8e_702x582.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!0umK!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a569d43-8e7f-45f5-9809-3ad8041d4e8e_702x582.png" width="638" height="528.9401709401709" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/9a569d43-8e7f-45f5-9809-3ad8041d4e8e_702x582.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:582,&quot;width&quot;:702,&quot;resizeWidth&quot;:638,&quot;bytes&quot;:47168,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/194597431?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a569d43-8e7f-45f5-9809-3ad8041d4e8e_702x582.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!0umK!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a569d43-8e7f-45f5-9809-3ad8041d4e8e_702x582.png 424w, https://substackcdn.com/image/fetch/$s_!0umK!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a569d43-8e7f-45f5-9809-3ad8041d4e8e_702x582.png 848w, https://substackcdn.com/image/fetch/$s_!0umK!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a569d43-8e7f-45f5-9809-3ad8041d4e8e_702x582.png 1272w, https://substackcdn.com/image/fetch/$s_!0umK!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9a569d43-8e7f-45f5-9809-3ad8041d4e8e_702x582.png 1456w" sizes="100vw"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><div class="subscription-widget-wrap-editor" data-attrs="{&quot;url&quot;:&quot;https://www.cybernotes.tech/subscribe?&quot;,&quot;text&quot;:&quot;Subscribe&quot;,&quot;language&quot;:&quot;en&quot;}" data-component-name="SubscribeWidgetToDOM"><div class="subscription-widget show-subscribe"><div class="preamble"><p class="cta-caption"><strong>Cyber Notes</strong> is a reader supported publication. To receive new posts and access to all projects considering becoming a subscriber &#128640;</p></div><form class="subscription-widget-subscribe"><input type="email" class="email-input" name="email" placeholder="Type your email&#8230;" tabindex="-1"><input type="submit" class="button primary" value="Subscribe"><div class="fake-input-wrapper"><div class="fake-input"></div><div class="fake-button"></div></div></form></div></div><p><strong>Step One: </strong>Install<strong> </strong>Claude Code</p><p>You&#8217;ll of course need to have Claude Code installed, follow this guide if you haven&#8217;t:</p><div class="digest-post-embed" data-attrs="{&quot;nodeId&quot;:&quot;b1227149-e68f-4ddf-8fdc-016d9d24dd1b&quot;,&quot;caption&quot;:&quot;Last Week: The Ultimate Docker Project: Part One &#128011;&quot;,&quot;cta&quot;:&quot;Read full story&quot;,&quot;showBylines&quot;:true,&quot;showDescription&quot;:true,&quot;showImage&quot;:true,&quot;size&quot;:&quot;lg&quot;,&quot;isEditorNode&quot;:true,&quot;title&quot;:&quot;How to Install And Use Claude Code&quot;,&quot;publishedBylines&quot;:[{&quot;id&quot;:100797762,&quot;name&quot;:&quot;W J Pearce&quot;,&quot;bio&quot;:&quot;Cyber Security Engineer / YouTuber&quot;,&quot;photo_url&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/31d30c5a-0775-4efa-8cac-b6b9dfda9c05_361x361.jpeg&quot;,&quot;is_guest&quot;:false,&quot;bestseller_tier&quot;:100}],&quot;post_date&quot;:&quot;2025-07-20T18:30:11.894Z&quot;,&quot;cover_image&quot;:&quot;https://substackcdn.com/image/fetch/$s_!erJ3!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0546d1a2-666e-4ade-aa32-97bdc3804aa7_793x411.png&quot;,&quot;cover_image_alt&quot;:null,&quot;canonical_url&quot;:&quot;https://www.cybernotes.tech/p/how-to-install-and-use-claude-code&quot;,&quot;section_name&quot;:null,&quot;video_upload_id&quot;:null,&quot;id&quot;:168449843,&quot;type&quot;:&quot;newsletter&quot;,&quot;reaction_count&quot;:13,&quot;comment_count&quot;:1,&quot;publication_id&quot;:2139894,&quot;publication_name&quot;:&quot;Cyber Notes&quot;,&quot;publication_logo_url&quot;:&quot;https://substackcdn.com/image/fetch/$s_!wiuw!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F96e971cf-35a8-446e-90a7-27e9f627abbb_256x256.png&quot;,&quot;belowTheFold&quot;:true,&quot;youtube_url&quot;:null,&quot;show_links&quot;:null,&quot;feed_url&quot;:null}"></div><div><hr></div><p><strong>Step Two: </strong>Install Ollama</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!8GsW!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff8145e98-0ae6-47cc-a0a1-558a18f0cb21_547x564.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!8GsW!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff8145e98-0ae6-47cc-a0a1-558a18f0cb21_547x564.png 424w, https://substackcdn.com/image/fetch/$s_!8GsW!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff8145e98-0ae6-47cc-a0a1-558a18f0cb21_547x564.png 848w, https://substackcdn.com/image/fetch/$s_!8GsW!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff8145e98-0ae6-47cc-a0a1-558a18f0cb21_547x564.png 1272w, https://substackcdn.com/image/fetch/$s_!8GsW!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff8145e98-0ae6-47cc-a0a1-558a18f0cb21_547x564.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!8GsW!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff8145e98-0ae6-47cc-a0a1-558a18f0cb21_547x564.png" width="435" height="448.5191956124314" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/f8145e98-0ae6-47cc-a0a1-558a18f0cb21_547x564.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:564,&quot;width&quot;:547,&quot;resizeWidth&quot;:435,&quot;bytes&quot;:56008,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/194597431?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff8145e98-0ae6-47cc-a0a1-558a18f0cb21_547x564.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!8GsW!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff8145e98-0ae6-47cc-a0a1-558a18f0cb21_547x564.png 424w, https://substackcdn.com/image/fetch/$s_!8GsW!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff8145e98-0ae6-47cc-a0a1-558a18f0cb21_547x564.png 848w, https://substackcdn.com/image/fetch/$s_!8GsW!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff8145e98-0ae6-47cc-a0a1-558a18f0cb21_547x564.png 1272w, https://substackcdn.com/image/fetch/$s_!8GsW!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff8145e98-0ae6-47cc-a0a1-558a18f0cb21_547x564.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>You can do this with the single command, here: <a href="https://ollama.com/">https://ollama.com/</a></p><p>Once installed you should see a blank chat terminal with the model selector the bottom right </p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!Etei!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7ef79289-74f2-468f-9b85-2f118ed1be69_1135x620.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!Etei!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7ef79289-74f2-468f-9b85-2f118ed1be69_1135x620.png 424w, https://substackcdn.com/image/fetch/$s_!Etei!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7ef79289-74f2-468f-9b85-2f118ed1be69_1135x620.png 848w, https://substackcdn.com/image/fetch/$s_!Etei!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7ef79289-74f2-468f-9b85-2f118ed1be69_1135x620.png 1272w, https://substackcdn.com/image/fetch/$s_!Etei!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7ef79289-74f2-468f-9b85-2f118ed1be69_1135x620.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!Etei!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7ef79289-74f2-468f-9b85-2f118ed1be69_1135x620.png" width="1135" height="620" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/7ef79289-74f2-468f-9b85-2f118ed1be69_1135x620.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:620,&quot;width&quot;:1135,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:62776,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/194597431?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7ef79289-74f2-468f-9b85-2f118ed1be69_1135x620.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!Etei!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7ef79289-74f2-468f-9b85-2f118ed1be69_1135x620.png 424w, https://substackcdn.com/image/fetch/$s_!Etei!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7ef79289-74f2-468f-9b85-2f118ed1be69_1135x620.png 848w, https://substackcdn.com/image/fetch/$s_!Etei!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7ef79289-74f2-468f-9b85-2f118ed1be69_1135x620.png 1272w, https://substackcdn.com/image/fetch/$s_!Etei!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F7ef79289-74f2-468f-9b85-2f118ed1be69_1135x620.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><div><hr></div><p><strong>Step Three: </strong>Download Gemma 4</p><p>Now, the Gemma 4 model comes in quite a few sizes, and we want to get the right one for our machine. This will obviously depend on what hardware you&#8217;re running.</p><p>I have a Mac mini M4 Pro here, so I pasted my system specs into Claude and asked it to recommend the best model for my setup.</p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!OTBc!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e021e3a-4efb-4369-ac90-0d450e045add_668x179.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!OTBc!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e021e3a-4efb-4369-ac90-0d450e045add_668x179.png 424w, https://substackcdn.com/image/fetch/$s_!OTBc!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e021e3a-4efb-4369-ac90-0d450e045add_668x179.png 848w, https://substackcdn.com/image/fetch/$s_!OTBc!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e021e3a-4efb-4369-ac90-0d450e045add_668x179.png 1272w, https://substackcdn.com/image/fetch/$s_!OTBc!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e021e3a-4efb-4369-ac90-0d450e045add_668x179.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!OTBc!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e021e3a-4efb-4369-ac90-0d450e045add_668x179.png" width="668" height="179" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/5e021e3a-4efb-4369-ac90-0d450e045add_668x179.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:179,&quot;width&quot;:668,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:51077,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/194597431?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e021e3a-4efb-4369-ac90-0d450e045add_668x179.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!OTBc!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e021e3a-4efb-4369-ac90-0d450e045add_668x179.png 424w, https://substackcdn.com/image/fetch/$s_!OTBc!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e021e3a-4efb-4369-ac90-0d450e045add_668x179.png 848w, https://substackcdn.com/image/fetch/$s_!OTBc!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e021e3a-4efb-4369-ac90-0d450e045add_668x179.png 1272w, https://substackcdn.com/image/fetch/$s_!OTBc!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5e021e3a-4efb-4369-ac90-0d450e045add_668x179.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p>So all we need to run now is:</p><div class="highlighted_code_block" data-attrs="{&quot;language&quot;:&quot;plaintext&quot;,&quot;nodeId&quot;:&quot;adad2a10-e614-42aa-8a77-ac33bda61884&quot;}" data-component-name="HighlightedCodeBlockToDOM"><pre class="shiki"><code class="language-plaintext">ollama run gemma4:26b</code></pre></div><div><hr></div><p><strong>Step Four: </strong>Validation</p><p>You can now navigate back to Ollama and you should see the Gemma4 model we downloaded in the bottom right:"</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!XDZq!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3ed5da3d-1ecb-4a60-a953-3df09e39ea76_791x572.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!XDZq!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3ed5da3d-1ecb-4a60-a953-3df09e39ea76_791x572.png 424w, https://substackcdn.com/image/fetch/$s_!XDZq!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3ed5da3d-1ecb-4a60-a953-3df09e39ea76_791x572.png 848w, https://substackcdn.com/image/fetch/$s_!XDZq!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3ed5da3d-1ecb-4a60-a953-3df09e39ea76_791x572.png 1272w, https://substackcdn.com/image/fetch/$s_!XDZq!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3ed5da3d-1ecb-4a60-a953-3df09e39ea76_791x572.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!XDZq!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3ed5da3d-1ecb-4a60-a953-3df09e39ea76_791x572.png" width="581" height="420.14159292035396" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/3ed5da3d-1ecb-4a60-a953-3df09e39ea76_791x572.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:572,&quot;width&quot;:791,&quot;resizeWidth&quot;:581,&quot;bytes&quot;:29380,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/194597431?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3ed5da3d-1ecb-4a60-a953-3df09e39ea76_791x572.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!XDZq!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3ed5da3d-1ecb-4a60-a953-3df09e39ea76_791x572.png 424w, https://substackcdn.com/image/fetch/$s_!XDZq!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3ed5da3d-1ecb-4a60-a953-3df09e39ea76_791x572.png 848w, https://substackcdn.com/image/fetch/$s_!XDZq!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3ed5da3d-1ecb-4a60-a953-3df09e39ea76_791x572.png 1272w, https://substackcdn.com/image/fetch/$s_!XDZq!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3ed5da3d-1ecb-4a60-a953-3df09e39ea76_791x572.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><div><hr></div><p><strong>Step Five: </strong>Running with Claude Code</p><p>We now want to configure this to be the default model with Claude Code. So open a new terminal and run:</p><div class="highlighted_code_block" data-attrs="{&quot;language&quot;:&quot;plaintext&quot;,&quot;nodeId&quot;:&quot;0440e500-f9b5-49e2-bdd8-6bc35f62a1ea&quot;}" data-component-name="HighlightedCodeBlockToDOM"><pre class="shiki"><code class="language-plaintext">ollama run gemma4:26b</code></pre></div><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!tp2f!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F645c32e5-cf4c-4b0c-9085-2e78346a89ce_609x261.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!tp2f!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F645c32e5-cf4c-4b0c-9085-2e78346a89ce_609x261.png 424w, https://substackcdn.com/image/fetch/$s_!tp2f!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F645c32e5-cf4c-4b0c-9085-2e78346a89ce_609x261.png 848w, https://substackcdn.com/image/fetch/$s_!tp2f!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F645c32e5-cf4c-4b0c-9085-2e78346a89ce_609x261.png 1272w, https://substackcdn.com/image/fetch/$s_!tp2f!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F645c32e5-cf4c-4b0c-9085-2e78346a89ce_609x261.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!tp2f!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F645c32e5-cf4c-4b0c-9085-2e78346a89ce_609x261.png" width="609" height="261" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/645c32e5-cf4c-4b0c-9085-2e78346a89ce_609x261.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:261,&quot;width&quot;:609,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:44101,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/194597431?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F645c32e5-cf4c-4b0c-9085-2e78346a89ce_609x261.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!tp2f!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F645c32e5-cf4c-4b0c-9085-2e78346a89ce_609x261.png 424w, https://substackcdn.com/image/fetch/$s_!tp2f!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F645c32e5-cf4c-4b0c-9085-2e78346a89ce_609x261.png 848w, https://substackcdn.com/image/fetch/$s_!tp2f!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F645c32e5-cf4c-4b0c-9085-2e78346a89ce_609x261.png 1272w, https://substackcdn.com/image/fetch/$s_!tp2f!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F645c32e5-cf4c-4b0c-9085-2e78346a89ce_609x261.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Select the model from more and then start claude code and run <code>/model </code>selecting Gemma4</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!3K5t!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe08bede4-d4ff-4060-a442-484ae1948587_924x245.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!3K5t!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe08bede4-d4ff-4060-a442-484ae1948587_924x245.png 424w, https://substackcdn.com/image/fetch/$s_!3K5t!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe08bede4-d4ff-4060-a442-484ae1948587_924x245.png 848w, https://substackcdn.com/image/fetch/$s_!3K5t!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe08bede4-d4ff-4060-a442-484ae1948587_924x245.png 1272w, https://substackcdn.com/image/fetch/$s_!3K5t!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe08bede4-d4ff-4060-a442-484ae1948587_924x245.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!3K5t!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe08bede4-d4ff-4060-a442-484ae1948587_924x245.png" width="924" height="245" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/e08bede4-d4ff-4060-a442-484ae1948587_924x245.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:245,&quot;width&quot;:924,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:35682,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/194597431?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe08bede4-d4ff-4060-a442-484ae1948587_924x245.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!3K5t!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe08bede4-d4ff-4060-a442-484ae1948587_924x245.png 424w, https://substackcdn.com/image/fetch/$s_!3K5t!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe08bede4-d4ff-4060-a442-484ae1948587_924x245.png 848w, https://substackcdn.com/image/fetch/$s_!3K5t!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe08bede4-d4ff-4060-a442-484ae1948587_924x245.png 1272w, https://substackcdn.com/image/fetch/$s_!3K5t!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe08bede4-d4ff-4060-a442-484ae1948587_924x245.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Congratulations &#127881; </p><p>You are now running a local AI Model and you&#8217;ve got Claude Code using it as the default.</p><div><hr></div><p><strong>W J Pearce - Cyber Notes</strong></p><p><em>Calm, practical &amp; self paced training to help you break into Cloud Security &amp; DevSecOps</em></p><p>&#128073; Pre-order here: <strong><a href="https://techtwoforty.com/">techtwoforty.com</a></strong></p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!rKhC!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!rKhC!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 424w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 848w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1272w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!rKhC!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png" width="1456" height="772" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/df391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:772,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:555834,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/180790089?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff0f4ee27-789b-45a5-bdff-eddb2af3398c_2614x1148.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!rKhC!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 424w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 848w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1272w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div>]]></content:encoded></item><item><title><![CDATA[Agentic AI Hacking Project 🤖]]></title><description><![CDATA[The bar keeps getting lower...You need to go higher...]]></description><link>https://www.cybernotes.tech/p/agentic-ai-hacking-project</link><guid isPermaLink="false">https://www.cybernotes.tech/p/agentic-ai-hacking-project</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 19 Apr 2026 18:30:55 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!AE0g!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3e9e24fe-6ce8-45ac-b347-f0cef00c3fa9_610x403.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:&quot;&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue: </strong><a href="https://wjpearce.substack.com/p/deploy-faster-on-aws-ec2-vs-lightsail">Deploy Faster on AWS: EC2 vs Lightsail (Hands On Guide)</a></p><p><strong>Next Issue: </strong><a href="http://cybernotes.tech">How to run Gemma 4 Locally with Claude Code &#127775;</a></p><div><hr></div><p>I&#8217;ve recently covered two methods of AI hacking. <strong>Let&#8217;s go one step further today.</strong></p><p>The first one was great but effectively a gpt wrapper. </p><p>The second got a little more complex: We set up an MCP server with Kali, but still pretty simple. </p><div class="embedded-post-wrap" data-attrs="{&quot;id&quot;:186625801,&quot;url&quot;:&quot;https://www.cybernotes.tech/p/ai-pentesting-project&quot;,&quot;publication_id&quot;:2139894,&quot;publication_name&quot;:&quot;Cyber Notes&quot;,&quot;publication_logo_url&quot;:&quot;https://substackcdn.com/image/fetch/$s_!wiuw!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F96e971cf-35a8-446e-90a7-27e9f627abbb_256x256.png&quot;,&quot;title&quot;:&quot;Easy AI Pentesting Project &#128137;&quot;,&quot;truncated_body_text&quot;:&quot;Last Issue: DevSecOps Course: 2026 &#128739;&#65039;&quot;,&quot;date&quot;:&quot;2026-02-08T19:30:37.006Z&quot;,&quot;like_count&quot;:10,&quot;comment_count&quot;:1,&quot;bylines&quot;:[{&quot;id&quot;:100797762,&quot;name&quot;:&quot;W J Pearce&quot;,&quot;handle&quot;:&quot;wjpearce&quot;,&quot;previous_name&quot;:&quot;Will&quot;,&quot;photo_url&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/31d30c5a-0775-4efa-8cac-b6b9dfda9c05_361x361.jpeg&quot;,&quot;bio&quot;:&quot;Cyber Security Engineer / YouTuber&quot;,&quot;profile_set_up_at&quot;:&quot;2022-08-07T11:22:17.818Z&quot;,&quot;reader_installed_at&quot;:&quot;2024-05-02T20:52:18.368Z&quot;,&quot;publicationUsers&quot;:[{&quot;id&quot;:2145719,&quot;user_id&quot;:100797762,&quot;publication_id&quot;:2139894,&quot;role&quot;:&quot;admin&quot;,&quot;public&quot;:true,&quot;is_primary&quot;:true,&quot;publication&quot;:{&quot;id&quot;:2139894,&quot;name&quot;:&quot;Cyber Notes&quot;,&quot;subdomain&quot;:&quot;wjpearce&quot;,&quot;custom_domain&quot;:&quot;www.cybernotes.tech&quot;,&quot;custom_domain_optional&quot;:false,&quot;hero_text&quot;:&quot;Cloud Security Projects, Essays &amp; Guides. \n\n&#9729;&#65039; Free Cloud Security Starter Pack in welcome Email &#11015;&#65039;&quot;,&quot;logo_url&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/96e971cf-35a8-446e-90a7-27e9f627abbb_256x256.png&quot;,&quot;author_id&quot;:100797762,&quot;primary_user_id&quot;:100797762,&quot;theme_var_background_pop&quot;:&quot;#D10000&quot;,&quot;created_at&quot;:&quot;2023-11-29T08:54:05.799Z&quot;,&quot;email_from_name&quot;:null,&quot;copyright&quot;:&quot;W J Pearce&quot;,&quot;founding_plan_name&quot;:&quot;Founding Member&quot;,&quot;community_enabled&quot;:true,&quot;invite_only&quot;:false,&quot;payments_state&quot;:&quot;enabled&quot;,&quot;language&quot;:null,&quot;explicit&quot;:false,&quot;homepage_type&quot;:&quot;newspaper&quot;,&quot;is_personal_mode&quot;:false,&quot;logo_url_wide&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/2f6186f5-5a97-4636-be78-5a078969b018_4200x800.png&quot;}}],&quot;is_guest&quot;:false,&quot;bestseller_tier&quot;:100,&quot;status&quot;:{&quot;bestsellerTier&quot;:100,&quot;subscriberTier&quot;:null,&quot;leaderboard&quot;:null,&quot;vip&quot;:false,&quot;badge&quot;:{&quot;type&quot;:&quot;bestseller&quot;,&quot;tier&quot;:100},&quot;paidPublicationIds&quot;:[],&quot;subscriber&quot;:null}}],&quot;utm_campaign&quot;:null,&quot;belowTheFold&quot;:false,&quot;type&quot;:&quot;newsletter&quot;,&quot;language&quot;:&quot;en&quot;,&quot;source&quot;:null}" data-component-name="EmbeddedPostToDOM"><a class="embedded-post" native="true" href="https://www.cybernotes.tech/p/ai-pentesting-project?utm_source=substack&amp;utm_campaign=post_embed&amp;utm_medium=web"><div class="embedded-post-header"><img class="embedded-post-publication-logo" src="https://substackcdn.com/image/fetch/$s_!wiuw!,w_56,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F96e971cf-35a8-446e-90a7-27e9f627abbb_256x256.png"><span class="embedded-post-publication-name">Cyber Notes</span></div><div class="embedded-post-title-wrapper"><div class="embedded-post-title">Easy AI Pentesting Project &#128137;</div></div><div class="embedded-post-body">Last Issue: DevSecOps Course: 2026 &#128739;&#65039;&#8230;</div><div class="embedded-post-cta-wrapper"><span class="embedded-post-cta">Read more</span></div><div class="embedded-post-meta">5 months ago &#183; 10 likes &#183; 1 comment &#183; W J Pearce</div></a></div><div class="embedded-post-wrap" data-attrs="{&quot;id&quot;:179038246,&quot;url&quot;:&quot;https://www.cybernotes.tech/p/ai-hacking-cv-project&quot;,&quot;publication_id&quot;:2139894,&quot;publication_name&quot;:&quot;Cyber Notes&quot;,&quot;publication_logo_url&quot;:&quot;https://substackcdn.com/image/fetch/$s_!wiuw!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F96e971cf-35a8-446e-90a7-27e9f627abbb_256x256.png&quot;,&quot;title&quot;:&quot;AI Hacking CV Project &#129302;&quot;,&quot;truncated_body_text&quot;:&quot;Last Issue: 10,000 Readers Giveaway: AWS Cert &#128640;&quot;,&quot;date&quot;:&quot;2026-01-11T19:30:31.233Z&quot;,&quot;like_count&quot;:21,&quot;comment_count&quot;:2,&quot;bylines&quot;:[{&quot;id&quot;:100797762,&quot;name&quot;:&quot;W J Pearce&quot;,&quot;handle&quot;:&quot;wjpearce&quot;,&quot;previous_name&quot;:&quot;Will&quot;,&quot;photo_url&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/31d30c5a-0775-4efa-8cac-b6b9dfda9c05_361x361.jpeg&quot;,&quot;bio&quot;:&quot;Cyber Security Engineer / YouTuber&quot;,&quot;profile_set_up_at&quot;:&quot;2022-08-07T11:22:17.818Z&quot;,&quot;reader_installed_at&quot;:&quot;2024-05-02T20:52:18.368Z&quot;,&quot;publicationUsers&quot;:[{&quot;id&quot;:2145719,&quot;user_id&quot;:100797762,&quot;publication_id&quot;:2139894,&quot;role&quot;:&quot;admin&quot;,&quot;public&quot;:true,&quot;is_primary&quot;:true,&quot;publication&quot;:{&quot;id&quot;:2139894,&quot;name&quot;:&quot;Cyber Notes&quot;,&quot;subdomain&quot;:&quot;wjpearce&quot;,&quot;custom_domain&quot;:&quot;www.cybernotes.tech&quot;,&quot;custom_domain_optional&quot;:false,&quot;hero_text&quot;:&quot;Cloud Security Projects, Essays &amp; Guides. \n\n&#9729;&#65039; Free Cloud Security Starter Pack in welcome Email &#11015;&#65039;&quot;,&quot;logo_url&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/96e971cf-35a8-446e-90a7-27e9f627abbb_256x256.png&quot;,&quot;author_id&quot;:100797762,&quot;primary_user_id&quot;:100797762,&quot;theme_var_background_pop&quot;:&quot;#D10000&quot;,&quot;created_at&quot;:&quot;2023-11-29T08:54:05.799Z&quot;,&quot;email_from_name&quot;:null,&quot;copyright&quot;:&quot;W J Pearce&quot;,&quot;founding_plan_name&quot;:&quot;Founding Member&quot;,&quot;community_enabled&quot;:true,&quot;invite_only&quot;:false,&quot;payments_state&quot;:&quot;enabled&quot;,&quot;language&quot;:null,&quot;explicit&quot;:false,&quot;homepage_type&quot;:&quot;newspaper&quot;,&quot;is_personal_mode&quot;:false,&quot;logo_url_wide&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/2f6186f5-5a97-4636-be78-5a078969b018_4200x800.png&quot;}}],&quot;is_guest&quot;:false,&quot;bestseller_tier&quot;:100,&quot;status&quot;:{&quot;bestsellerTier&quot;:100,&quot;subscriberTier&quot;:null,&quot;leaderboard&quot;:null,&quot;vip&quot;:false,&quot;badge&quot;:{&quot;type&quot;:&quot;bestseller&quot;,&quot;tier&quot;:100},&quot;paidPublicationIds&quot;:[],&quot;subscriber&quot;:null}}],&quot;utm_campaign&quot;:null,&quot;belowTheFold&quot;:false,&quot;type&quot;:&quot;newsletter&quot;,&quot;language&quot;:&quot;en&quot;,&quot;source&quot;:null}" data-component-name="EmbeddedPostToDOM"><a class="embedded-post" native="true" href="https://www.cybernotes.tech/p/ai-hacking-cv-project?utm_source=substack&amp;utm_campaign=post_embed&amp;utm_medium=web"><div class="embedded-post-header"><img class="embedded-post-publication-logo" src="https://substackcdn.com/image/fetch/$s_!wiuw!,w_56,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F96e971cf-35a8-446e-90a7-27e9f627abbb_256x256.png"><span class="embedded-post-publication-name">Cyber Notes</span></div><div class="embedded-post-title-wrapper"><div class="embedded-post-title">AI Hacking CV Project &#129302;</div></div><div class="embedded-post-body">Last Issue: 10,000 Readers Giveaway: AWS Cert &#128640;&#8230;</div><div class="embedded-post-cta-wrapper"><span class="embedded-post-cta">Read more</span></div><div class="embedded-post-meta">6 months ago &#183; 21 likes &#183; 2 comments &#183; W J Pearce</div></a></div><p>This time I want to take it up a notch. </p><p>AI is moving fast, and we&#8217;re slowly transitioning into agentic workflows. It&#8217;s no longer <em><strong>&#8220;user queries model, model maybe hits a database.&#8221;</strong></em> We&#8217;ve got a full blown ecosystem now: Agents talking to agents, running tools, chaining actions</p><h3>So&#8230; we need to understand how attackers are going to use this shift against us.</h3><p>Enter <strong>Strix</strong>: An open-source project that&#8217;s already pulled 20k+ stars on GitHub. It&#8217;s not a wrapper and it&#8217;s not just an MCP hookup. Strix is a team of autonomous AI agents that behave like actual hackers: they run your code dynamically, probe for vulnerabilities and validate findings with proof of concepts instead of dumping a pile of false positives on you. </p><p>Out of the box it ships with an HTTP proxy, browser automation, a terminal, a Python runtime for custom exploits and recon tooling. Multiple agents can run in parallel, share discoveries, and coordinate attacks across different pieces of your app.</p><p>Let&#8217;s set this up together and walk through how it works &#128071;</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!AE0g!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3e9e24fe-6ce8-45ac-b347-f0cef00c3fa9_610x403.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!AE0g!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3e9e24fe-6ce8-45ac-b347-f0cef00c3fa9_610x403.png 424w, https://substackcdn.com/image/fetch/$s_!AE0g!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3e9e24fe-6ce8-45ac-b347-f0cef00c3fa9_610x403.png 848w, https://substackcdn.com/image/fetch/$s_!AE0g!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3e9e24fe-6ce8-45ac-b347-f0cef00c3fa9_610x403.png 1272w, https://substackcdn.com/image/fetch/$s_!AE0g!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3e9e24fe-6ce8-45ac-b347-f0cef00c3fa9_610x403.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!AE0g!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3e9e24fe-6ce8-45ac-b347-f0cef00c3fa9_610x403.png" width="610" height="403" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/3e9e24fe-6ce8-45ac-b347-f0cef00c3fa9_610x403.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:403,&quot;width&quot;:610,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:24493,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/194305386?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3e9e24fe-6ce8-45ac-b347-f0cef00c3fa9_610x403.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!AE0g!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3e9e24fe-6ce8-45ac-b347-f0cef00c3fa9_610x403.png 424w, https://substackcdn.com/image/fetch/$s_!AE0g!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3e9e24fe-6ce8-45ac-b347-f0cef00c3fa9_610x403.png 848w, https://substackcdn.com/image/fetch/$s_!AE0g!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3e9e24fe-6ce8-45ac-b347-f0cef00c3fa9_610x403.png 1272w, https://substackcdn.com/image/fetch/$s_!AE0g!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3e9e24fe-6ce8-45ac-b347-f0cef00c3fa9_610x403.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><h3>Prerequisites</h3><ul><li><p>Docker </p></li><li><p>Docker Compose</p></li><li><p>An LLM <strong>(Running Locally or in the cloud with your API key)</strong> </p></li><li><p>Two running Targets <strong>(I will show you how to set these up)</strong></p></li><li><p>An understanding of Github actions <strong>(Not 100% needed but handy)</strong></p></li></ul><p><strong>Just Quickly&#8230;</strong></p><p>One of the coolest things about Strix is its multi agent architecture. You&#8217;ve got a main agent acting as the coordinator, it does the initial recon, maps the attack surface, and decides what needs testing. From there, it spawns specialised sub agents, each tasked with a specific slice of the attack: one hunting for IDORs in the user endpoints, another fuzzing the search API for injection, another probing the auth and password reset flows. They run in parallel, share discoveries back to the main agent and you can monitor and manage each one individually. </p><p>It&#8217;s less &#8220;AI tool running a scan&#8221; and more &#8220;a small pentest team working your app at the same time&#8221; which is exactly why agentic workflows are such a step up from the wrapper and MCP approaches we looked at previously.</p><h3><strong>As usual, I reserve the Projects for community members&#8230;Come join the fun! &#127757;</strong></h3>
      <p>
          <a href="https://www.cybernotes.tech/p/agentic-ai-hacking-project">
              Read more
          </a>
      </p>
   ]]></content:encoded></item><item><title><![CDATA[Deploy Faster on AWS: EC2 vs Lightsail (Hands On Guide)]]></title><description><![CDATA[Deploy OpenClaw...]]></description><link>https://www.cybernotes.tech/p/deploy-faster-on-aws-ec2-vs-lightsail</link><guid isPermaLink="false">https://www.cybernotes.tech/p/deploy-faster-on-aws-ec2-vs-lightsail</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 12 Apr 2026 18:30:43 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!U2BI!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Faa776992-cd85-4b27-a0df-9f44cc1c088f_1640x1188.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:&quot;&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue: </strong><a href="https://www.cybernotes.tech/p/become-cloud-security-engineer-faster">Become Cloud Security Engineer FASTER</a></p><p><strong>Next Issue:</strong> Project:<strong> </strong>Claude Code Will 10x Your Cloud Security Career (Three Ways)</p><div><hr></div><h3><strong>Both useful but one will give you the skills&#8230; </strong></h3><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!U2BI!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Faa776992-cd85-4b27-a0df-9f44cc1c088f_1640x1188.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!U2BI!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Faa776992-cd85-4b27-a0df-9f44cc1c088f_1640x1188.png 424w, https://substackcdn.com/image/fetch/$s_!U2BI!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Faa776992-cd85-4b27-a0df-9f44cc1c088f_1640x1188.png 848w, https://substackcdn.com/image/fetch/$s_!U2BI!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Faa776992-cd85-4b27-a0df-9f44cc1c088f_1640x1188.png 1272w, https://substackcdn.com/image/fetch/$s_!U2BI!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Faa776992-cd85-4b27-a0df-9f44cc1c088f_1640x1188.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!U2BI!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Faa776992-cd85-4b27-a0df-9f44cc1c088f_1640x1188.png" width="1456" height="1055" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/aa776992-cd85-4b27-a0df-9f44cc1c088f_1640x1188.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1055,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:388952,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/180790089?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Faa776992-cd85-4b27-a0df-9f44cc1c088f_1640x1188.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!U2BI!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Faa776992-cd85-4b27-a0df-9f44cc1c088f_1640x1188.png 424w, https://substackcdn.com/image/fetch/$s_!U2BI!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Faa776992-cd85-4b27-a0df-9f44cc1c088f_1640x1188.png 848w, https://substackcdn.com/image/fetch/$s_!U2BI!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Faa776992-cd85-4b27-a0df-9f44cc1c088f_1640x1188.png 1272w, https://substackcdn.com/image/fetch/$s_!U2BI!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Faa776992-cd85-4b27-a0df-9f44cc1c088f_1640x1188.png 1456w" sizes="100vw"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><h3>If you&#8217;re just starting out in cloud, this question comes up a lot. </h3><p>Both run on AWS infrastructure. Both give you a Linux box in the cloud. So what&#8217;s the actual difference, and which one should you touch first?</p><p><strong>Short version: it depends on why you&#8217;re here&#8230; &#128064;</strong></p><div><hr></div><p><strong>If you&#8217;re here to learn Cloud Security or DevSecOps</strong></p><p>Use EC2. </p><p>Every enterprise environment you&#8217;ll encounter, in a job, a lab, a CTF, or a pentest scope runs EC2 or something that behaves like it. Security groups, IAM roles, VPCs, instance metadata endpoints... these aren&#8217;t optional extras. They&#8217;re the attack surface. Lightsail hides most of that from you. Great for shipping a side project; bad for building the skills needed in this field.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!O2Qq!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ed1e33-037f-45e9-8a55-3c0e23a560a8_1474x1474.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!O2Qq!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ed1e33-037f-45e9-8a55-3c0e23a560a8_1474x1474.png 424w, https://substackcdn.com/image/fetch/$s_!O2Qq!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ed1e33-037f-45e9-8a55-3c0e23a560a8_1474x1474.png 848w, https://substackcdn.com/image/fetch/$s_!O2Qq!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ed1e33-037f-45e9-8a55-3c0e23a560a8_1474x1474.png 1272w, https://substackcdn.com/image/fetch/$s_!O2Qq!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ed1e33-037f-45e9-8a55-3c0e23a560a8_1474x1474.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!O2Qq!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ed1e33-037f-45e9-8a55-3c0e23a560a8_1474x1474.png" width="1456" height="1456" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/99ed1e33-037f-45e9-8a55-3c0e23a560a8_1474x1474.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1456,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:284116,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/180790089?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ed1e33-037f-45e9-8a55-3c0e23a560a8_1474x1474.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!O2Qq!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ed1e33-037f-45e9-8a55-3c0e23a560a8_1474x1474.png 424w, https://substackcdn.com/image/fetch/$s_!O2Qq!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ed1e33-037f-45e9-8a55-3c0e23a560a8_1474x1474.png 848w, https://substackcdn.com/image/fetch/$s_!O2Qq!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ed1e33-037f-45e9-8a55-3c0e23a560a8_1474x1474.png 1272w, https://substackcdn.com/image/fetch/$s_!O2Qq!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F99ed1e33-037f-45e9-8a55-3c0e23a560a8_1474x1474.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>The EC2 free tier gives you 750 hours/month of a t2.micro. Spin one up, SSH in, break it, rebuild it. </p><div><hr></div><p><strong>If you have an app idea and want it live this weekend&#8230;You&#8217;ve been messing about with Claude Code right?? </strong></p><p>Lightsail is super useful here. Pick a $5/month bundle, choose a one click stack (WordPress, LAMP, Node), and you&#8217;ll have something running in under ten minutes. The networking is pre-wired. The firewall has a simple UI. You get a fixed monthly bill with no surprise line items.</p><ol><li><p>Navigate to the Lightsail Service </p></li></ol><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!TtOl!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0429e129-1867-4940-a075-fc0d51ea5dc6_2136x1132.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!TtOl!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0429e129-1867-4940-a075-fc0d51ea5dc6_2136x1132.png 424w, https://substackcdn.com/image/fetch/$s_!TtOl!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0429e129-1867-4940-a075-fc0d51ea5dc6_2136x1132.png 848w, https://substackcdn.com/image/fetch/$s_!TtOl!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0429e129-1867-4940-a075-fc0d51ea5dc6_2136x1132.png 1272w, https://substackcdn.com/image/fetch/$s_!TtOl!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0429e129-1867-4940-a075-fc0d51ea5dc6_2136x1132.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!TtOl!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0429e129-1867-4940-a075-fc0d51ea5dc6_2136x1132.png" width="1456" height="772" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/0429e129-1867-4940-a075-fc0d51ea5dc6_2136x1132.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:772,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:135070,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/180790089?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0429e129-1867-4940-a075-fc0d51ea5dc6_2136x1132.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!TtOl!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0429e129-1867-4940-a075-fc0d51ea5dc6_2136x1132.png 424w, https://substackcdn.com/image/fetch/$s_!TtOl!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0429e129-1867-4940-a075-fc0d51ea5dc6_2136x1132.png 848w, https://substackcdn.com/image/fetch/$s_!TtOl!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0429e129-1867-4940-a075-fc0d51ea5dc6_2136x1132.png 1272w, https://substackcdn.com/image/fetch/$s_!TtOl!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0429e129-1867-4940-a075-fc0d51ea5dc6_2136x1132.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><ol start="2"><li><p>Choose an existing Blueprint APP Stack</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!2ABv!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdb011b63-9d41-4033-bf23-4c69ee91d83c_2142x1410.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!2ABv!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdb011b63-9d41-4033-bf23-4c69ee91d83c_2142x1410.png 424w, https://substackcdn.com/image/fetch/$s_!2ABv!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdb011b63-9d41-4033-bf23-4c69ee91d83c_2142x1410.png 848w, https://substackcdn.com/image/fetch/$s_!2ABv!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdb011b63-9d41-4033-bf23-4c69ee91d83c_2142x1410.png 1272w, https://substackcdn.com/image/fetch/$s_!2ABv!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdb011b63-9d41-4033-bf23-4c69ee91d83c_2142x1410.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!2ABv!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdb011b63-9d41-4033-bf23-4c69ee91d83c_2142x1410.png" width="1456" height="958" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/db011b63-9d41-4033-bf23-4c69ee91d83c_2142x1410.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:958,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:348429,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/180790089?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdb011b63-9d41-4033-bf23-4c69ee91d83c_2142x1410.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!2ABv!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdb011b63-9d41-4033-bf23-4c69ee91d83c_2142x1410.png 424w, https://substackcdn.com/image/fetch/$s_!2ABv!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdb011b63-9d41-4033-bf23-4c69ee91d83c_2142x1410.png 848w, https://substackcdn.com/image/fetch/$s_!2ABv!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdb011b63-9d41-4033-bf23-4c69ee91d83c_2142x1410.png 1272w, https://substackcdn.com/image/fetch/$s_!2ABv!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdb011b63-9d41-4033-bf23-4c69ee91d83c_2142x1410.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>or if it&#8217;s a custom app choose OS only</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!K2qS!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b7b6f49-8a9b-426c-9ed3-da3f83a32788_2136x776.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!K2qS!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b7b6f49-8a9b-426c-9ed3-da3f83a32788_2136x776.png 424w, https://substackcdn.com/image/fetch/$s_!K2qS!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b7b6f49-8a9b-426c-9ed3-da3f83a32788_2136x776.png 848w, https://substackcdn.com/image/fetch/$s_!K2qS!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b7b6f49-8a9b-426c-9ed3-da3f83a32788_2136x776.png 1272w, https://substackcdn.com/image/fetch/$s_!K2qS!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b7b6f49-8a9b-426c-9ed3-da3f83a32788_2136x776.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!K2qS!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b7b6f49-8a9b-426c-9ed3-da3f83a32788_2136x776.png" width="1456" height="529" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/3b7b6f49-8a9b-426c-9ed3-da3f83a32788_2136x776.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:529,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:183064,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/180790089?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b7b6f49-8a9b-426c-9ed3-da3f83a32788_2136x776.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!K2qS!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b7b6f49-8a9b-426c-9ed3-da3f83a32788_2136x776.png 424w, https://substackcdn.com/image/fetch/$s_!K2qS!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b7b6f49-8a9b-426c-9ed3-da3f83a32788_2136x776.png 848w, https://substackcdn.com/image/fetch/$s_!K2qS!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b7b6f49-8a9b-426c-9ed3-da3f83a32788_2136x776.png 1272w, https://substackcdn.com/image/fetch/$s_!K2qS!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3b7b6f49-8a9b-426c-9ed3-da3f83a32788_2136x776.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div></li><li><p>Stick with General purpose here and upload an SSH Key (Or make one)</p></li></ol><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!Nizv!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ffaf4482f-1aa0-4f39-a59b-cb17ad1ead58_1948x1602.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!Nizv!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ffaf4482f-1aa0-4f39-a59b-cb17ad1ead58_1948x1602.png 424w, https://substackcdn.com/image/fetch/$s_!Nizv!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ffaf4482f-1aa0-4f39-a59b-cb17ad1ead58_1948x1602.png 848w, https://substackcdn.com/image/fetch/$s_!Nizv!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ffaf4482f-1aa0-4f39-a59b-cb17ad1ead58_1948x1602.png 1272w, https://substackcdn.com/image/fetch/$s_!Nizv!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ffaf4482f-1aa0-4f39-a59b-cb17ad1ead58_1948x1602.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!Nizv!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ffaf4482f-1aa0-4f39-a59b-cb17ad1ead58_1948x1602.png" width="1456" height="1197" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/faf4482f-1aa0-4f39-a59b-cb17ad1ead58_1948x1602.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1197,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:353749,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/180790089?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ffaf4482f-1aa0-4f39-a59b-cb17ad1ead58_1948x1602.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!Nizv!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ffaf4482f-1aa0-4f39-a59b-cb17ad1ead58_1948x1602.png 424w, https://substackcdn.com/image/fetch/$s_!Nizv!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ffaf4482f-1aa0-4f39-a59b-cb17ad1ead58_1948x1602.png 848w, https://substackcdn.com/image/fetch/$s_!Nizv!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ffaf4482f-1aa0-4f39-a59b-cb17ad1ead58_1948x1602.png 1272w, https://substackcdn.com/image/fetch/$s_!Nizv!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ffaf4482f-1aa0-4f39-a59b-cb17ad1ead58_1948x1602.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><ol start="4"><li><p> Connect using the Cloud Shell </p></li></ol><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!G914!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb8dc836c-6a2e-45b7-9546-7d288e5c94c2_2036x1778.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!G914!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb8dc836c-6a2e-45b7-9546-7d288e5c94c2_2036x1778.png 424w, https://substackcdn.com/image/fetch/$s_!G914!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb8dc836c-6a2e-45b7-9546-7d288e5c94c2_2036x1778.png 848w, https://substackcdn.com/image/fetch/$s_!G914!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb8dc836c-6a2e-45b7-9546-7d288e5c94c2_2036x1778.png 1272w, https://substackcdn.com/image/fetch/$s_!G914!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb8dc836c-6a2e-45b7-9546-7d288e5c94c2_2036x1778.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!G914!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb8dc836c-6a2e-45b7-9546-7d288e5c94c2_2036x1778.png" width="1456" height="1271" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/b8dc836c-6a2e-45b7-9546-7d288e5c94c2_2036x1778.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1271,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:537324,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/180790089?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb8dc836c-6a2e-45b7-9546-7d288e5c94c2_2036x1778.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!G914!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb8dc836c-6a2e-45b7-9546-7d288e5c94c2_2036x1778.png 424w, https://substackcdn.com/image/fetch/$s_!G914!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb8dc836c-6a2e-45b7-9546-7d288e5c94c2_2036x1778.png 848w, https://substackcdn.com/image/fetch/$s_!G914!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb8dc836c-6a2e-45b7-9546-7d288e5c94c2_2036x1778.png 1272w, https://substackcdn.com/image/fetch/$s_!G914!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb8dc836c-6a2e-45b7-9546-7d288e5c94c2_2036x1778.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><ol start="5"><li><p>Or locally with </p></li></ol><div class="highlighted_code_block" data-attrs="{&quot;language&quot;:&quot;plaintext&quot;,&quot;nodeId&quot;:&quot;114aa279-a161-403b-85c3-4b137abdd46c&quot;}" data-component-name="HighlightedCodeBlockToDOM"><pre class="shiki"><code class="language-plaintext"> chmod 400 /Users/williampearce/Downloads/LightsailDefaultKey-eu-west-2.pem

ssh -i /Users/williampearce/Downloads/LightsailDefaultKey-eu-west-2.pem
      ubuntu@13.135.173.184</code></pre></div><p>I&#8217;m not going to configure OpenClaw here, that&#8217;s not what this is about. I wanted to show you how blazingly quick you can set up a VPS and get stuck into new technology to run a quick test or learn.</p><p><strong>It&#8217;s a good way to validate an idea before you care about infrastructure. Just don&#8217;t expect to learn much about how AWS actually works under the hood.</strong></p><div><hr></div><p><strong>It&#8217;s a question I got last month&#8230;</strong></p><p>Lightsail and EC2 live in separate AWS worlds. A Lightsail instance doesn&#8217;t automatically talk to your EC2 resources, RDS databases, or most other AWS services. If your app grows and you need to bring in Lambda, S3 permissions, or VPC peering, you&#8217;ll hit a wall and probably end up migrating anyway.</p><p>EC2 also has a steeper learning curve on billing. Data transfer costs, EBS volume charges, Elastic IP fees, they can catch you off guard if you&#8217;re not watching the cost</p><div><hr></div><p><strong>Calm, practical &amp; self paced training to help you break into Cloud Security &amp; DevSecOps</strong></p><p>&#128073; Pre-order here: <strong><a href="https://techtwoforty.com/">techtwoforty.com</a></strong></p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!rKhC!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!rKhC!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 424w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 848w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1272w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!rKhC!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png" width="1456" height="772" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/df391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:772,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:555834,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/180790089?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff0f4ee27-789b-45a5-bdff-eddb2af3398c_2614x1148.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!rKhC!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 424w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 848w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1272w, https://substackcdn.com/image/fetch/$s_!rKhC!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fdf391724-a3fb-477e-9e07-a196a1b008f6_1575x835.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div>]]></content:encoded></item><item><title><![CDATA[Become Cloud Security Engineer FASTER]]></title><description><![CDATA[A podcast with UnixGuy]]></description><link>https://www.cybernotes.tech/p/become-cloud-security-engineer-faster</link><guid isPermaLink="false">https://www.cybernotes.tech/p/become-cloud-security-engineer-faster</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 05 Apr 2026 18:30:49 GMT</pubDate><enclosure url="https://substackcdn.com/image/youtube/w_728,c_limit/Mzik9veQiiU" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:&quot;&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue: </strong><a href="https://www.cybernotes.tech/p/get-started-with-docker-mcp-project">Project: Get Started With Docker MCP &#128230;</a></p><p><strong>Next Issue: </strong><a href="http://cybernotes.tech">AWS EC2 vs Lightsail - Which one to start with?</a></p><p><strong>This Issue: </strong><a href="http://cybernotes.tech">Become Cloud Security Engineer FASTER</a></p><div><hr></div><p>I&#8217;ve always looked up to <strong><a href="https://www.linkedin.com/in/abedhamdan/">Abed Hamdan</a></strong> (Unix Guy) and what he does in this space. Having the opportunity to sit down with him last week for a chat all things Cloud Security was a real honour!</p><p>Fare warning, I ramble a little. As a new Dad this year, sleep isn&#8217;t always guaranteed, I&#8217;d had a solid 4 the night before this! </p><h3>- Will AI Steal Cloud Security Jobs?</h3><h3>- What is the most underserved area in Cloud Security Right Now?</h3><h3>- Where should Cloud Security Projects go on your resume? </h3><h3>- What&#8217;s the biggest mistake Cybersecurity Beginners make? </h3><p><br>The <em><strong>&#8220;Yassified&#8220;</strong></em> picture of me on the left here made me chuckle, totally my bad as I forgot to send Unix Guy a photo he could use. </p><div id="youtube2-Mzik9veQiiU" class="youtube-wrap" data-attrs="{&quot;videoId&quot;:&quot;Mzik9veQiiU&quot;,&quot;startTime&quot;:&quot;&quot;,&quot;endTime&quot;:null}" data-component-name="Youtube2ToDOM"><div class="youtube-inner"><iframe src="https://www.youtube-nocookie.com/embed/Mzik9veQiiU?start=&amp;rel=0&amp;autoplay=0&amp;showinfo=0&amp;enablejsapi=0" frameborder="0" loading="lazy" gesture="media" allow="autoplay; fullscreen" allowautoplay="true" allowfullscreen="true" width="728" height="409"></iframe></div></div><div><hr></div><p><strong>Calm, practical &amp; self paced training to help you break into Cloud Security &amp; DevSecOps</strong></p><p>&#128073; Pre-order here: <strong><a href="https://techtwoforty.com/">techtwoforty.com</a></strong></p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!kcJP!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!kcJP!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 424w, https://substackcdn.com/image/fetch/$s_!kcJP!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 848w, https://substackcdn.com/image/fetch/$s_!kcJP!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 1272w, https://substackcdn.com/image/fetch/$s_!kcJP!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!kcJP!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png" width="1456" height="1042" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/d519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1042,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:null,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!kcJP!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 424w, https://substackcdn.com/image/fetch/$s_!kcJP!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 848w, https://substackcdn.com/image/fetch/$s_!kcJP!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 1272w, https://substackcdn.com/image/fetch/$s_!kcJP!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><h2><strong>W J Pearce - Cyber Notes</strong></h2><p></p><p></p><p></p><p></p><p></p><p></p>]]></content:encoded></item><item><title><![CDATA[Project: Get Started With Docker MCP 📦]]></title><description><![CDATA[If you do one project this month, let it be this one.]]></description><link>https://www.cybernotes.tech/p/get-started-with-docker-mcp-project</link><guid isPermaLink="false">https://www.cybernotes.tech/p/get-started-with-docker-mcp-project</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 22 Mar 2026 19:30:40 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!YZOF!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22d69239-681b-4f74-a23b-712b60397f37_984x595.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:&quot;&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue: </strong><a href="https://www.cybernotes.tech/p/the-first-devsecops-project">DevSecOps Project Video Walkthrough &#128679;</a></p><p><strong>Next Issue: </strong>AWS EC2 vs Lightsail - Which one to start with? </p><p><strong>This Issue: </strong><a href="http://cybernotes.tech">Get Started With Docker MCP Project &#128230;</a></p><div><hr></div><h4>By the End of This Post, You:</h4><p>&#9989; Understand what MCP is and why it exists<br>&#9989; Have Docker MCP Toolkit running locally<br>&#9989; Connected Claude to an Obsidian MCP server<br>&#9989; Ran your first natural language tool calls<br>&#9989; Know where to go next</p><div><hr></div><h3>This is important to understand&#8230;.</h3><p>Talking to an LLM is easy. Getting an LLM to <em>do something useful</em> in the wild? </p><p>That&#8217;s where it&#8217;s a little more complicated and you need an &#8220;AI Agent.&#8221;</p><p>In cloud security, when you want one service or tool to communicate with another, you usually use an API. For example, a Lambda function might query NIST data and store the results in an S3 bucket.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!YZOF!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22d69239-681b-4f74-a23b-712b60397f37_984x595.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!YZOF!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22d69239-681b-4f74-a23b-712b60397f37_984x595.png 424w, https://substackcdn.com/image/fetch/$s_!YZOF!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22d69239-681b-4f74-a23b-712b60397f37_984x595.png 848w, https://substackcdn.com/image/fetch/$s_!YZOF!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22d69239-681b-4f74-a23b-712b60397f37_984x595.png 1272w, https://substackcdn.com/image/fetch/$s_!YZOF!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22d69239-681b-4f74-a23b-712b60397f37_984x595.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!YZOF!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22d69239-681b-4f74-a23b-712b60397f37_984x595.png" width="984" height="595" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/22d69239-681b-4f74-a23b-712b60397f37_984x595.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:595,&quot;width&quot;:984,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:63237,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/188953648?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22d69239-681b-4f74-a23b-712b60397f37_984x595.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!YZOF!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22d69239-681b-4f74-a23b-712b60397f37_984x595.png 424w, https://substackcdn.com/image/fetch/$s_!YZOF!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22d69239-681b-4f74-a23b-712b60397f37_984x595.png 848w, https://substackcdn.com/image/fetch/$s_!YZOF!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22d69239-681b-4f74-a23b-712b60397f37_984x595.png 1272w, https://substackcdn.com/image/fetch/$s_!YZOF!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F22d69239-681b-4f74-a23b-712b60397f37_984x595.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>However, as systems scale and every tool &#8220;speaks&#8221; a different API, integrating them with an AI becomes tangled. You end up writing custom code for each service, handling different authentication flows, and digging through inconsistent documentation every time. That approach doesn&#8217;t scale and is extremely difficult to maintain in an LLM driven setup.</p><p>That&#8217;s exactly the problem MCP is designed to solve.</p><div><hr></div><h2>Very Quickly, What is MCP?</h2><p><strong>MCP or Model Context Protocol</strong> is a standardised way to connect tools to LLMs.</p><p>Instead of writing code to call a tool&#8217;s API directly, you spin up an MCP server that sits in the middle. The server handles all the API calls, authentication and endpoint logic, so your LLM doesn&#8217;t need to know any of it.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!fo6O!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6708ee95-0f99-48e7-9c70-21c41e69b7f2_817x614.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!fo6O!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6708ee95-0f99-48e7-9c70-21c41e69b7f2_817x614.png 424w, https://substackcdn.com/image/fetch/$s_!fo6O!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6708ee95-0f99-48e7-9c70-21c41e69b7f2_817x614.png 848w, https://substackcdn.com/image/fetch/$s_!fo6O!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6708ee95-0f99-48e7-9c70-21c41e69b7f2_817x614.png 1272w, https://substackcdn.com/image/fetch/$s_!fo6O!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6708ee95-0f99-48e7-9c70-21c41e69b7f2_817x614.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!fo6O!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6708ee95-0f99-48e7-9c70-21c41e69b7f2_817x614.png" width="817" height="614" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6708ee95-0f99-48e7-9c70-21c41e69b7f2_817x614.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:614,&quot;width&quot;:817,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:55650,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/188953648?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6708ee95-0f99-48e7-9c70-21c41e69b7f2_817x614.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!fo6O!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6708ee95-0f99-48e7-9c70-21c41e69b7f2_817x614.png 424w, https://substackcdn.com/image/fetch/$s_!fo6O!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6708ee95-0f99-48e7-9c70-21c41e69b7f2_817x614.png 848w, https://substackcdn.com/image/fetch/$s_!fo6O!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6708ee95-0f99-48e7-9c70-21c41e69b7f2_817x614.png 1272w, https://substackcdn.com/image/fetch/$s_!fo6O!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6708ee95-0f99-48e7-9c70-21c41e69b7f2_817x614.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>All the LLM needs to do is ask the MCP server to perform a task. The server has the tools, the credentials and the knowledge of how to talk to the endpoint. The LLM stays clean.</p><p>This is why it matters: <strong>most major company is now exposing their tools via MCP</strong>, alongside their traditional API endpoints. It&#8217;s becoming the standard layer between AI and software.</p><div><hr></div><h2>The best way to learn is through projects</h2><p>Here&#8217;s what you&#8217;ll need to set up your first MCP server locally with Docker</p><ul><li><p><strong>Docker Desktop</strong> (latest version)</p></li><li><p><strong>An LLM app</strong> Claude Desktop, LM Studio or Cursor all work</p></li><li><p><strong>Claude Code</strong> (optional but recommended)</p></li></ul><div><hr></div><h1><strong>Project Time &#128640;</strong></h1><h3><strong>I reserve the Projects for community members&#8230;Come join the fun! &#127757;</strong></h3>
      <p>
          <a href="https://www.cybernotes.tech/p/get-started-with-docker-mcp-project">
              Read more
          </a>
      </p>
   ]]></content:encoded></item><item><title><![CDATA[DevSecOps Project Video Walkthrough 🚧]]></title><description><![CDATA[Video Walkthrough...]]></description><link>https://www.cybernotes.tech/p/the-first-devsecops-project</link><guid isPermaLink="false">https://www.cybernotes.tech/p/the-first-devsecops-project</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 15 Mar 2026 19:30:51 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!kcJP!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Quick heads Up: </strong><em>The Pre Order pricing on my <strong>Cloud Security &amp; DevSecOps Beginners Academy</strong>, is coming to an end soon&#8230;.</em></p><p><strong>&#127891; The Full Course</strong></p><p><strong>&#129517; Career Path Template</strong></p><p><strong>&#128196; CV / Portfolio Template (Built for Technical Roles)</strong></p><p><strong>&#128188; Portfolio Projects That Help Get You Hire</strong>d</p><p>&#128073; Pre-order here: <strong><a href="https://techtwoforty.com/">techtwoforty.com</a></strong></p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!kcJP!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!kcJP!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 424w, https://substackcdn.com/image/fetch/$s_!kcJP!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 848w, https://substackcdn.com/image/fetch/$s_!kcJP!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 1272w, https://substackcdn.com/image/fetch/$s_!kcJP!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!kcJP!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png" width="1456" height="1042" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/d519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1042,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:760697,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/190847658?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!kcJP!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 424w, https://substackcdn.com/image/fetch/$s_!kcJP!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 848w, https://substackcdn.com/image/fetch/$s_!kcJP!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 1272w, https://substackcdn.com/image/fetch/$s_!kcJP!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd519ef04-4cb2-4f0d-a0d2-b058a29ecd9d_1792x1282.png 1456w" sizes="100vw"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><div><hr></div><h3>Simple starter DevSecOps project&#8230;</h3><p>I want to give you a complete walkthrough here and the kind of the content and teaching style that will be in <strong>Tech Two Forty. </strong></p><div id="youtube2-6HNetAnewCA" class="youtube-wrap" data-attrs="{&quot;videoId&quot;:&quot;6HNetAnewCA&quot;,&quot;startTime&quot;:null,&quot;endTime&quot;:null}" data-component-name="Youtube2ToDOM"><div class="youtube-inner"><iframe src="https://www.youtube-nocookie.com/embed/6HNetAnewCA?rel=0&amp;autoplay=0&amp;showinfo=0&amp;enablejsapi=0" frameborder="0" loading="lazy" gesture="media" allow="autoplay; fullscreen" allowautoplay="true" allowfullscreen="true" width="728" height="409"></iframe></div></div><p><strong>Let me know what you think</strong></p><div><hr></div><p><strong>Calm, practical &amp; self paced training to help you break into Cloud Security &amp; DevSecOps</strong></p><p>&#128073; Pre-order here: <strong><a href="https://techtwoforty.com/">techtwoforty.com</a></strong></p><h2><strong>W J Pearce - Cyber Notes</strong></h2>]]></content:encoded></item><item><title><![CDATA[AWS Project: Security Agent🕵️]]></title><description><![CDATA[New AWS Security Service: AI / Security Project you could do over the weekend.]]></description><link>https://www.cybernotes.tech/p/aws-project-security-agent</link><guid isPermaLink="false">https://www.cybernotes.tech/p/aws-project-security-agent</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 01 Mar 2026 19:30:28 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!PgG0!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fcfe2009f-bc55-4fd1-881c-17c5875915ae_2531x734.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:&quot;&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Quick heads Up: </strong><em>The Pre Order pricing on Tech Two Forty: <strong>Cloud Security &amp; DevSecOps Beginners Academy</strong>, is coming to an end soon&#8230;.</em></p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!w1gd!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F477ccdc7-99fa-479c-a2c9-4ddbcf0f2423_772x280.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!w1gd!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F477ccdc7-99fa-479c-a2c9-4ddbcf0f2423_772x280.png 424w, https://substackcdn.com/image/fetch/$s_!w1gd!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F477ccdc7-99fa-479c-a2c9-4ddbcf0f2423_772x280.png 848w, https://substackcdn.com/image/fetch/$s_!w1gd!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F477ccdc7-99fa-479c-a2c9-4ddbcf0f2423_772x280.png 1272w, https://substackcdn.com/image/fetch/$s_!w1gd!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F477ccdc7-99fa-479c-a2c9-4ddbcf0f2423_772x280.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!w1gd!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F477ccdc7-99fa-479c-a2c9-4ddbcf0f2423_772x280.png" width="772" height="280" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/477ccdc7-99fa-479c-a2c9-4ddbcf0f2423_772x280.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:280,&quot;width&quot;:772,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:65189,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/185824827?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F477ccdc7-99fa-479c-a2c9-4ddbcf0f2423_772x280.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!w1gd!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F477ccdc7-99fa-479c-a2c9-4ddbcf0f2423_772x280.png 424w, https://substackcdn.com/image/fetch/$s_!w1gd!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F477ccdc7-99fa-479c-a2c9-4ddbcf0f2423_772x280.png 848w, https://substackcdn.com/image/fetch/$s_!w1gd!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F477ccdc7-99fa-479c-a2c9-4ddbcf0f2423_772x280.png 1272w, https://substackcdn.com/image/fetch/$s_!w1gd!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F477ccdc7-99fa-479c-a2c9-4ddbcf0f2423_772x280.png 1456w" sizes="100vw"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>&#10004; Build real Cloud Security &amp; DevSecOps skills from scratch</p><p>&#10004; Follow a clear career roadmap (so you&#8217;re not guessing what to learn next)</p><p>&#10004; Create starter portfolio projects recruiters actually care about</p><p>&#10004; Use CV + portfolio templates built for technical roles</p><p>&#10004; Learn Linux, AWS, Containers, CI/CD security, Scripting, AI security and more</p><p><em><strong>Designed for beginners and busy professionals who want a calmer, clearer way into Cloud Security &amp; DevSecOps.</strong></em></p><p>&#128073; Pre-order here: <strong><a href="https://stan.store/wjpearce/p/pre-order-tech-two-forty-zqrk3784">techtwoforty.com</a></strong></p><div><hr></div><h1>What is AWS Security Agent?</h1><p>At a high level, it does three things:</p><ol><li><p><strong>Architecture design reviews</strong></p></li><li><p><strong>Code review in pull requests</strong></p></li><li><p><strong>On demand penetration testing</strong></p></li></ol><p>The promise is simple: security feedback early, contextual and inside the workflow engineers already use.</p><p>It&#8217;s currently in public preview, and it&#8217;s AWS attempt at bringing AI assisted security across your entire SDLC.</p><p>This weekend I tested the <strong>Code Review</strong> capability.</p><p>Pen testing is powerful too, but that requires verified domains and a bit more setup, so i&#8217;ll cover that in a separate project</p><h1>Project Time &#128640;</h1><h3><strong>I reserve the Projects for community members&#8230;Come join the fun! &#127757;</strong></h3><p></p>
      <p>
          <a href="https://www.cybernotes.tech/p/aws-project-security-agent">
              Read more
          </a>
      </p>
   ]]></content:encoded></item><item><title><![CDATA[Cloud Security & DevSecOps Beginners Academy]]></title><description><![CDATA[The wait is over...]]></description><link>https://www.cybernotes.tech/p/cloud-security-and-devsecops-beginners</link><guid isPermaLink="false">https://www.cybernotes.tech/p/cloud-security-and-devsecops-beginners</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 15 Feb 2026 19:30:22 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!qFue!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1a29cf1c-7cf8-400a-bb98-1931d14d9448_1536x1024.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<p>After the overwhelming feedback and requests from <strong>TechOneTwenty</strong> I&#8217;m finally building a <strong>DevSecOps &amp; Cloud Security Beginners Academy.</strong></p><h3><strong>Early bird pre-order is live (discounted)</strong> &#11015;&#65039;</h3><p><em>The people who understand <strong>Cloud Security</strong> &amp; <strong>DevSecOps</strong> are more needed than ever. Reboot and start in Cloud Security &amp; DevSecOps with projects you can do at home, through self paced visual learning.</em></p><p>&#128073; Pre-order here: <strong><a href="https://techtwoforty.com/">techtwoforty.com</a></strong></p><div><hr></div><h1><strong>Cloud Security &amp; DevSecOps for Beginners</strong></h1><p><strong>Practical &amp; self paced to help you:</strong></p><p>&#127891; Learn Linux, AWS, Containers, AI Security Workflows, Scripting, CI/CD Security and more.</p><p>&#129517; Follow a clear Cloud Security &amp; DevSecOps career roadmap</p><p>&#128188; Build starter portfolio projects</p><p>&#128196; Use CV + portfolio templates built for technical roles</p><p>Designed for beginners and busy professionals who want a calmer, clearer way into Cloud Security &amp; DevSecOps.</p><div><hr></div><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!UopF!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6840f35a-4c72-401f-a552-30286d469fbb_1472x516.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!UopF!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6840f35a-4c72-401f-a552-30286d469fbb_1472x516.png 424w, https://substackcdn.com/image/fetch/$s_!UopF!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6840f35a-4c72-401f-a552-30286d469fbb_1472x516.png 848w, https://substackcdn.com/image/fetch/$s_!UopF!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6840f35a-4c72-401f-a552-30286d469fbb_1472x516.png 1272w, https://substackcdn.com/image/fetch/$s_!UopF!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6840f35a-4c72-401f-a552-30286d469fbb_1472x516.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!UopF!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6840f35a-4c72-401f-a552-30286d469fbb_1472x516.png" width="1456" height="510" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6840f35a-4c72-401f-a552-30286d469fbb_1472x516.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:510,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:377499,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/187498691?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6840f35a-4c72-401f-a552-30286d469fbb_1472x516.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!UopF!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6840f35a-4c72-401f-a552-30286d469fbb_1472x516.png 424w, https://substackcdn.com/image/fetch/$s_!UopF!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6840f35a-4c72-401f-a552-30286d469fbb_1472x516.png 848w, https://substackcdn.com/image/fetch/$s_!UopF!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6840f35a-4c72-401f-a552-30286d469fbb_1472x516.png 1272w, https://substackcdn.com/image/fetch/$s_!UopF!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6840f35a-4c72-401f-a552-30286d469fbb_1472x516.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><h1><strong>What&#8217;s Included &#128640;</strong></h1><h2><strong>&#127891; The Full Course</strong></h2><p><strong>Step by step Cloud Security &amp; DevSecOps training covering:</strong></p><p>&#128421;&#65039; Linux &#8211; system administration &amp; hardening</p><p>&#128013; Automation &#8211; Bash and Python scripting</p><p>&#9729;&#65039; Cloud &#8211; AWS security architecture</p><p>&#128230; IaC &#8211; Terraform / Ansible</p><p>&#128051; Containers &#8211; Docker security</p><p>&#128257; CI/CD &#8211; GitHub Actions with SAST/SCA</p><p>&#128272; Secrets &#8211; production secrets management</p><p>&#128203; Compliance &#8211; CIS benchmarks</p><p>&#129302; AI &#8211; securing AI in production</p><p>All taught through practical examples and projects. </p><div><hr></div><h2><strong>&#129517; Career Path Template</strong></h2><p><strong>A clear roadmap showing:</strong></p><ul><li><p>Which skills to build first</p></li><li><p>How to sequence your projects</p></li><li><p>What roles you&#8217;re realistically targeting at each stage</p></li></ul><p>So you&#8217;re not guessing what comes next.</p><div><hr></div><h2><strong>&#128196; CV / Portfolio Template (Built for Technical Roles)</strong></h2><p><strong>Learn exactly how to present your work:</strong></p><ul><li><p>How to document projects properly</p></li><li><p>What to put on your CV (and what to cut)</p></li><li><p>How to explain architecture decisions, security controls, and tooling</p></li><li><p>Example write ups you can reuse for GitHub, LinkedIn, and applications</p></li></ul><div><hr></div><h2><strong>&#128188; Portfolio Projects That Help You Get Hired</strong></h2><p><strong>You&#8217;ll build projects recruiters actually care about:</strong></p><ul><li><p>Secure automated environments using IaC</p></li><li><p>CI/CD pipelines with security gates</p></li><li><p>End to end deployments that show you can hit the ground running</p></li></ul><p><strong>I&#8217;ll show you:</strong></p><ul><li><p>What hiring managers look for</p></li><li><p>How to structure projects</p></li><li><p>How to communicate impact clearly</p></li></ul><div><hr></div><h3>&#11015;&#65039; <strong>Early bird pre-order is live (discounted)</strong> &#11015;&#65039;</h3><p>&#128073; Pre-order here: <strong><a href="https://techtwoforty.com/">techtwoforty.com</a></strong></p><div><hr></div><h2><strong>Meet the Lecturer &#128104;&#8205;&#127979;</strong></h2><p><strong>I built Tech Two Forty because I&#8217;m done with &#8220;cyber gurus&#8221; shouting about the hustle.</strong></p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!BqQE!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe725a075-57f2-42bb-9243-20ee75f59449_1170x1448.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!BqQE!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe725a075-57f2-42bb-9243-20ee75f59449_1170x1448.png 424w, https://substackcdn.com/image/fetch/$s_!BqQE!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe725a075-57f2-42bb-9243-20ee75f59449_1170x1448.png 848w, https://substackcdn.com/image/fetch/$s_!BqQE!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe725a075-57f2-42bb-9243-20ee75f59449_1170x1448.png 1272w, https://substackcdn.com/image/fetch/$s_!BqQE!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe725a075-57f2-42bb-9243-20ee75f59449_1170x1448.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!BqQE!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe725a075-57f2-42bb-9243-20ee75f59449_1170x1448.png" width="1170" height="1448" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/e725a075-57f2-42bb-9243-20ee75f59449_1170x1448.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:1448,&quot;width&quot;:1170,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!BqQE!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe725a075-57f2-42bb-9243-20ee75f59449_1170x1448.png 424w, https://substackcdn.com/image/fetch/$s_!BqQE!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe725a075-57f2-42bb-9243-20ee75f59449_1170x1448.png 848w, https://substackcdn.com/image/fetch/$s_!BqQE!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe725a075-57f2-42bb-9243-20ee75f59449_1170x1448.png 1272w, https://substackcdn.com/image/fetch/$s_!BqQE!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fe725a075-57f2-42bb-9243-20ee75f59449_1170x1448.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Eight years ago, I began my security journey, and it changed my life. It took me from feeling lost to becoming a Senior Cloud Security Engineer, but the road there was unnecessarily lonely and tough.</p><p>I&#8217;m dyslexic, and growing up I really struggled with traditional academic learning. Most tech education just didn&#8217;t work for how my brain works. Things only clicked once I found a clearer, more practical way to learn.</p><p>That&#8217;s exactly why I built Tech Two Forty. I&#8217;ve worked with neurodivergent experienced teachers to make it neurodivergent friendly, especially for ADHD and dyslexia, but it&#8217;s designed for anyone who wants learning to feel simpler, calmer and more human.</p><p>A content creator (still pondering that title), and the author behind TechOneTwenty and Cyber Notes, dedicated to being the guide I once needed. No gatekeeping.</p><p>Just a clear, practical path into Cloud Security &amp; DevSecOps.</p><p><strong>You&#8217;ve got this. Let&#8217;s go.</strong></p><h2><strong>Frequently Asked Questions&#10067;</strong></h2><h3>How can you charge so little?</h3><p>Education should be accessible to everyone. Charging &#163;500+ for bootcamps is <strong>bs</strong> and simply not fair.</p><p>My passion is teaching, and I&#8217;ve chosen to keep this affordable so more people can break into cloud security without financial pressure.</p><div><hr></div><h3>Is this beginner friendly?</h3><p>Yes. No prior experience required just commitment.</p><div><hr></div><h3>Will this help me get hired?</h3><p>Yes. This course is built around portfolio projects recruiters actually care about. You&#8217;ll learn how to document your work, explain architectural decisions, and present projects professionally on your CV and LinkedIn. </p><p><strong>Any influencer saying they will get you a job is lying to you</strong>, but will this course really really help? Yes, 100% it will.</p><div><hr></div><h3>Can I do this alongside a full time job?</h3><p>Absolutely. The course is self paced and designed for evenings and weekends.</p><div><hr></div><h2><strong>&#8220;No Stress&#8221; Guarantee &#128524;</strong></h2><p>I understand you have options. If you decide this isn&#8217;t the right fit for you within the first 72 hours, I&#8217;ll refund you in full, no questions asked.</p><p>I&#8217;m here to help you succeed, and that starts with making sure you feel confident in your purchase. Any questions, just ask.</p><h3>&#11015;&#65039; <strong>Early bird pre-order is live (discounted)</strong> &#11015;&#65039;</h3><p>Build real Cloud Security projects at home</p><p>&#128073; Pre-order here: <strong><a href="https://techtwoforty.com/">techtwoforty.com</a></strong></p><div><hr></div><h2>W J Pearce - Cyber Notes</h2>]]></content:encoded></item><item><title><![CDATA[Easy AI Pentesting Project 💉]]></title><description><![CDATA[PentestGPT is CRAZY Good...]]></description><link>https://www.cybernotes.tech/p/ai-pentesting-project</link><guid isPermaLink="false">https://www.cybernotes.tech/p/ai-pentesting-project</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 08 Feb 2026 19:30:37 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!bqeS!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3dd69a44-59c5-42e2-b72d-50e40ebf663b_871x501.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:&quot;&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue: </strong><a href="https://wjpearce.substack.com/p/free-devsecops-course-2026">DevSecOps Course: 2026 &#128739;&#65039;</a></p><p><strong>Next Issue:</strong> I&#8217;m launching a world first project&#8230;</p><p><strong>This Issue:<a href="http://cybernotes.tech"> </a></strong><a href="http://cybernotes.tech">AI Pentesting Project</a></p><div><hr></div><p>This week we are setting up and testing PentestGPT, i&#8217;m going to assume you can guess what this one does already. </p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bqeS!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3dd69a44-59c5-42e2-b72d-50e40ebf663b_871x501.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bqeS!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3dd69a44-59c5-42e2-b72d-50e40ebf663b_871x501.png 424w, https://substackcdn.com/image/fetch/$s_!bqeS!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3dd69a44-59c5-42e2-b72d-50e40ebf663b_871x501.png 848w, https://substackcdn.com/image/fetch/$s_!bqeS!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3dd69a44-59c5-42e2-b72d-50e40ebf663b_871x501.png 1272w, https://substackcdn.com/image/fetch/$s_!bqeS!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3dd69a44-59c5-42e2-b72d-50e40ebf663b_871x501.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bqeS!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3dd69a44-59c5-42e2-b72d-50e40ebf663b_871x501.png" width="871" height="501" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/3dd69a44-59c5-42e2-b72d-50e40ebf663b_871x501.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:501,&quot;width&quot;:871,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:580966,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/186625801?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3dd69a44-59c5-42e2-b72d-50e40ebf663b_871x501.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!bqeS!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3dd69a44-59c5-42e2-b72d-50e40ebf663b_871x501.png 424w, https://substackcdn.com/image/fetch/$s_!bqeS!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3dd69a44-59c5-42e2-b72d-50e40ebf663b_871x501.png 848w, https://substackcdn.com/image/fetch/$s_!bqeS!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3dd69a44-59c5-42e2-b72d-50e40ebf663b_871x501.png 1272w, https://substackcdn.com/image/fetch/$s_!bqeS!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3dd69a44-59c5-42e2-b72d-50e40ebf663b_871x501.png 1456w" sizes="100vw"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><h3>PentestGPT can</h3><ul><li><p>&#65279;&#65279;Perform end to end automatic penetration testing without<br>human expert knowledge</p></li><li><p>&#65279;&#65279;Exploit the vulnerabilities and generate PoCs </p></li><li><p>Automatically generate reports</p></li></ul><p>To be clear: this is a <strong>fun project</strong> for the weekend, not necessarily something that&#8217;s going to redefine your CV. However, it is a pretty cool case study in how AI can <strong>speed up, not replace, the penetration testing process.</strong> It handles the "grunt work" of parsing scan results and suggesting the next logical command. </p><p>While tools like this are 100% going to be (and already are) being used in workflows, it still lacks adversarial intuition. It struggles with the contextual nuance. It might find a vulnerability but miss the &#8220;business logic&#8221; flaw that makes it critical.</p><h3>The approach</h3><p>As you probably know from using ChatGPT, LLMs tend to prioritise the most recent instruction you gave them, often losing sight of the broader objective. In a penetration test, where you might be juggling three different open ports while trying to maintain your initial foothold it&#8217;s not ideal. The AI literally &#8220;forgets the mission&#8221; while focusing on a single terminal error.</p><p>To combat this, the research team (who presented this at <strong>USENIX Security</strong>) split the process into three distinct modules to keep the &#8220;brain&#8221; on track:</p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!v4Co!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F181455fc-1d0c-44b1-8f2a-dde0ce4cd71e_833x218.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!v4Co!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F181455fc-1d0c-44b1-8f2a-dde0ce4cd71e_833x218.png 424w, https://substackcdn.com/image/fetch/$s_!v4Co!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F181455fc-1d0c-44b1-8f2a-dde0ce4cd71e_833x218.png 848w, https://substackcdn.com/image/fetch/$s_!v4Co!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F181455fc-1d0c-44b1-8f2a-dde0ce4cd71e_833x218.png 1272w, https://substackcdn.com/image/fetch/$s_!v4Co!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F181455fc-1d0c-44b1-8f2a-dde0ce4cd71e_833x218.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!v4Co!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F181455fc-1d0c-44b1-8f2a-dde0ce4cd71e_833x218.png" width="833" height="218" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/181455fc-1d0c-44b1-8f2a-dde0ce4cd71e_833x218.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:218,&quot;width&quot;:833,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:136239,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/186625801?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F181455fc-1d0c-44b1-8f2a-dde0ce4cd71e_833x218.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!v4Co!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F181455fc-1d0c-44b1-8f2a-dde0ce4cd71e_833x218.png 424w, https://substackcdn.com/image/fetch/$s_!v4Co!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F181455fc-1d0c-44b1-8f2a-dde0ce4cd71e_833x218.png 848w, https://substackcdn.com/image/fetch/$s_!v4Co!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F181455fc-1d0c-44b1-8f2a-dde0ce4cd71e_833x218.png 1272w, https://substackcdn.com/image/fetch/$s_!v4Co!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F181455fc-1d0c-44b1-8f2a-dde0ce4cd71e_833x218.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p>You can read more here: <a href="https://pentestgpt.com/paper.html">https://pentestgpt.com/paper.html </a></p><h3><strong>Project Time&#8230;. &#128640;</strong></h3><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!WdA0!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8c03792b-4bb8-4339-9d3c-04040084cadf_889x446.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!WdA0!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8c03792b-4bb8-4339-9d3c-04040084cadf_889x446.png 424w, https://substackcdn.com/image/fetch/$s_!WdA0!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8c03792b-4bb8-4339-9d3c-04040084cadf_889x446.png 848w, https://substackcdn.com/image/fetch/$s_!WdA0!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8c03792b-4bb8-4339-9d3c-04040084cadf_889x446.png 1272w, https://substackcdn.com/image/fetch/$s_!WdA0!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8c03792b-4bb8-4339-9d3c-04040084cadf_889x446.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!WdA0!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8c03792b-4bb8-4339-9d3c-04040084cadf_889x446.png" width="889" height="446" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/8c03792b-4bb8-4339-9d3c-04040084cadf_889x446.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:446,&quot;width&quot;:889,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:28531,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/186625801?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8c03792b-4bb8-4339-9d3c-04040084cadf_889x446.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!WdA0!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8c03792b-4bb8-4339-9d3c-04040084cadf_889x446.png 424w, https://substackcdn.com/image/fetch/$s_!WdA0!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8c03792b-4bb8-4339-9d3c-04040084cadf_889x446.png 848w, https://substackcdn.com/image/fetch/$s_!WdA0!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8c03792b-4bb8-4339-9d3c-04040084cadf_889x446.png 1272w, https://substackcdn.com/image/fetch/$s_!WdA0!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8c03792b-4bb8-4339-9d3c-04040084cadf_889x446.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><h3><strong>As usual, I reserve the Projects for community members&#8230;Come join the fun! &#127757;</strong></h3>
      <p>
          <a href="https://www.cybernotes.tech/p/ai-pentesting-project">
              Read more
          </a>
      </p>
   ]]></content:encoded></item><item><title><![CDATA[Free DevSecOps Course: 2026 🛣️]]></title><description><![CDATA[Build your own road...]]></description><link>https://www.cybernotes.tech/p/free-devsecops-course-2026</link><guid isPermaLink="false">https://www.cybernotes.tech/p/free-devsecops-course-2026</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 25 Jan 2026 19:30:26 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!zZ3M!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F233118be-ad9f-4439-bd5b-62cfff70200c_1584x396.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:&quot;&quot;,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue: </strong><a href="https://wjpearce.substack.com/p/ai-hacking-cv-project">AI Hacking CV Project &#129302;</a></p><p><strong>Next Issue:</strong> &#128679; Secret Project &#128679;</p><p><strong>This Issue: </strong><a href="http://cybernotes.tech">DevSecOps Course: 2026</a>  &#128739;&#65039;</p><div><hr></div><h3>Buying a course can make you feel like you&#8217;ve done the work, without actually putting in the work. </h3><p>I understand the psychology of paying for a course, you are paying for <strong>curation</strong> and <strong>accountability</strong>. I&#8217;ve bought courses thinking, <em>&#8220;I&#8217;ve paid for this, so I&#8217;ll do it.&#8221;</em> And I still think buying courses is a great way to support your favourite creators. If you like the a particular teaching style, then that&#8217;s a great reason. </p><p>I imagine that, like most of my readers, you&#8217;re right at the start of your career. The best thing you can do right now is <strong>pick a lane and study it properly.</strong> However, since you aren&#8217;t paying money, you must pay with <strong>discipline</strong>.</p><p>So here is my free, custom DevSecOps course, pieced together from tools, resources, and free courses you can put together yourself.</p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!zZ3M!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F233118be-ad9f-4439-bd5b-62cfff70200c_1584x396.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!zZ3M!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F233118be-ad9f-4439-bd5b-62cfff70200c_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!zZ3M!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F233118be-ad9f-4439-bd5b-62cfff70200c_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!zZ3M!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F233118be-ad9f-4439-bd5b-62cfff70200c_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!zZ3M!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F233118be-ad9f-4439-bd5b-62cfff70200c_1584x396.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!zZ3M!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F233118be-ad9f-4439-bd5b-62cfff70200c_1584x396.png" width="1456" height="364" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/233118be-ad9f-4439-bd5b-62cfff70200c_1584x396.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:364,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1170798,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/185193423?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F233118be-ad9f-4439-bd5b-62cfff70200c_1584x396.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!zZ3M!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F233118be-ad9f-4439-bd5b-62cfff70200c_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!zZ3M!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F233118be-ad9f-4439-bd5b-62cfff70200c_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!zZ3M!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F233118be-ad9f-4439-bd5b-62cfff70200c_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!zZ3M!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F233118be-ad9f-4439-bd5b-62cfff70200c_1584x396.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p><strong>Courses:</strong></p><ul><li><p><strong><a href="https://skillbuilder.aws/">AWS Skill Builder (Free Tier)</a></strong> - Filter by &#8220;Free&#8221; and &#8220;Fundamentals&#8221;. The &#8220;AWS Cloud Quest: Cloud Practitioner&#8221; is a role playing game that actually teaches you the platform.</p></li><li><p><strong><a href="https://learn.microsoft.com/en-us/training/paths/azure-fundamentals/">Microsoft Learn: Azure Fundamentals</a></strong> - The official text based learning path. It is better than most paid Udemy courses.</p></li></ul><p><strong>Repos:</strong></p><p><code>jassics/awesome-aws-security</code> - A massive curated list of resources specifically for AWS security.</p><p><strong>Certs:</strong> </p><ul><li><p><strong><a href="https://www.google.com/search?q=https://education.oracle.com/oracle-cloud-infrastructure-foundations-associate/pexam_1Z0-1085-23">Oracle Cloud Infrastructure Foundations Associate</a></strong> - Oracle frequently offers this certification exam for free (check their &#8220;Race to Certification&#8221; challenges). It covers the same core cloud concepts as AWS/Azure.</p></li></ul><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!oHbu!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5c125325-c576-4fd1-96e0-a14592f95338_1584x396.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!oHbu!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5c125325-c576-4fd1-96e0-a14592f95338_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!oHbu!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5c125325-c576-4fd1-96e0-a14592f95338_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!oHbu!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5c125325-c576-4fd1-96e0-a14592f95338_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!oHbu!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5c125325-c576-4fd1-96e0-a14592f95338_1584x396.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!oHbu!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5c125325-c576-4fd1-96e0-a14592f95338_1584x396.png" width="1456" height="364" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/5c125325-c576-4fd1-96e0-a14592f95338_1584x396.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:364,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1183185,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/185193423?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5c125325-c576-4fd1-96e0-a14592f95338_1584x396.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!oHbu!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5c125325-c576-4fd1-96e0-a14592f95338_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!oHbu!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5c125325-c576-4fd1-96e0-a14592f95338_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!oHbu!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5c125325-c576-4fd1-96e0-a14592f95338_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!oHbu!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5c125325-c576-4fd1-96e0-a14592f95338_1584x396.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p><strong>Courses:</strong></p><p><strong><a href="https://www.edx.org/learn/linux/the-linux-foundation-introduction-to-linux">Linux Foundation: Intro to Linux (LFS101x)</a></strong> - Hosted on edX. It is the gold standard for beginners. Audit the course for free.</p><p><strong>Repos:</strong></p><p><code>jlevy/the-art-of-command-line</code> - A single README file that will teach you more practical Linux than a 4 year degree.</p><p><strong>Certs:</strong> </p><p><strong><a href="https://www.hackerrank.com/domains/shell">HackerRank Linux Shell Badge</a></strong> - Complete their challenges and earn a skill badge to display on your profile.</p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!Abdo!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8066e590-07c7-4213-bc77-43b7daa095d7_1584x396.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!Abdo!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8066e590-07c7-4213-bc77-43b7daa095d7_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!Abdo!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8066e590-07c7-4213-bc77-43b7daa095d7_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!Abdo!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8066e590-07c7-4213-bc77-43b7daa095d7_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!Abdo!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8066e590-07c7-4213-bc77-43b7daa095d7_1584x396.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!Abdo!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8066e590-07c7-4213-bc77-43b7daa095d7_1584x396.png" width="1456" height="364" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/8066e590-07c7-4213-bc77-43b7daa095d7_1584x396.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:364,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1208962,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/185193423?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8066e590-07c7-4213-bc77-43b7daa095d7_1584x396.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!Abdo!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8066e590-07c7-4213-bc77-43b7daa095d7_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!Abdo!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8066e590-07c7-4213-bc77-43b7daa095d7_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!Abdo!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8066e590-07c7-4213-bc77-43b7daa095d7_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!Abdo!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8066e590-07c7-4213-bc77-43b7daa095d7_1584x396.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p><strong>Courses:</strong></p><ul><li><p><strong><a href="https://www.google.com/search?q=https://university.gitlab.com/plans/gitlab-ci-cd-hands-on-guide-lab">GitLab Academy (CI/CD Fundamentals)</a></strong> - GitLab offers free self paced training on building pipelines.</p></li><li><p><strong><a href="https://github.com/skills/hello-github-actions">GitHub Actions: Hello World</a></strong> - An interactive bot guided course inside a real GitHub repo.</p></li></ul><p><strong>Repos:</strong></p><p><code>cicdops/awesome-ciandcd</code> - A collection of tools, best practices, and pipeline examples.</p><p><strong>Certs:</strong> </p><p><strong><a href="https://www.google.com/search?q=https://learn.microsoft.com/en-us/collections/n5p4a5z7qz5j">GitHub Foundations Learning Path Badge</a></strong> - Finish the MS Learn path for GitHub and you get a digital badge of completion (The actual exam is paid, the badge for the <em>course</em> is free).</p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!yhGI!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F31919753-7b16-4b25-9ac5-fd0383ddac8d_1584x396.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!yhGI!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F31919753-7b16-4b25-9ac5-fd0383ddac8d_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!yhGI!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F31919753-7b16-4b25-9ac5-fd0383ddac8d_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!yhGI!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F31919753-7b16-4b25-9ac5-fd0383ddac8d_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!yhGI!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F31919753-7b16-4b25-9ac5-fd0383ddac8d_1584x396.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!yhGI!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F31919753-7b16-4b25-9ac5-fd0383ddac8d_1584x396.png" width="1456" height="364" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/31919753-7b16-4b25-9ac5-fd0383ddac8d_1584x396.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:364,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1182321,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/185193423?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F31919753-7b16-4b25-9ac5-fd0383ddac8d_1584x396.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!yhGI!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F31919753-7b16-4b25-9ac5-fd0383ddac8d_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!yhGI!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F31919753-7b16-4b25-9ac5-fd0383ddac8d_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!yhGI!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F31919753-7b16-4b25-9ac5-fd0383ddac8d_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!yhGI!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F31919753-7b16-4b25-9ac5-fd0383ddac8d_1584x396.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p><strong>Courses:</strong></p><p><strong><a href="https://exercism.org/tracks/bash">Exercism: Bash Track</a></strong> - Mentored learning. You write a script, and automated tests (and sometimes humans) check your work.</p><p><strong>Repos:</strong></p><p><code>awesome-lists/awesome-bash</code> - Scripts, tutorials, and snippets to steal for your own work.</p><p><strong>Certs:</strong> </p><p><strong><a href="https://www.freecodecamp.org/learn/relational-database/">freeCodeCamp: Relational Database Certification</a></strong> - Don't let the name fool you; the first half is an intense, interactive Bash scripting bootcamp.</p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!jWGn!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F106521fd-f883-4c49-a573-6695df79d587_1584x396.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!jWGn!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F106521fd-f883-4c49-a573-6695df79d587_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!jWGn!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F106521fd-f883-4c49-a573-6695df79d587_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!jWGn!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F106521fd-f883-4c49-a573-6695df79d587_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!jWGn!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F106521fd-f883-4c49-a573-6695df79d587_1584x396.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!jWGn!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F106521fd-f883-4c49-a573-6695df79d587_1584x396.png" width="1456" height="364" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/106521fd-f883-4c49-a573-6695df79d587_1584x396.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:364,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1166891,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/185193423?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F106521fd-f883-4c49-a573-6695df79d587_1584x396.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!jWGn!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F106521fd-f883-4c49-a573-6695df79d587_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!jWGn!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F106521fd-f883-4c49-a573-6695df79d587_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!jWGn!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F106521fd-f883-4c49-a573-6695df79d587_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!jWGn!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F106521fd-f883-4c49-a573-6695df79d587_1584x396.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p><strong>Courses:</strong></p><ul><li><p><strong><a href="https://developer.hashicorp.com/vault/tutorials/getting-started">HashiCorp Vault: Getting Started</a></strong> - Interactive browser based labs. You don&#8217;t even need to install Vault to learn it.</p></li><li><p><strong><a href="https://www.google.com/search?q=https://gh.io/securing-the-supply-chain">GitHub Security Lab: Secrets Scanning</a></strong> - Learn how to prevent credential leaks directly from the source.</p></li></ul><p><strong>Repos:</strong></p><ul><li><p><code>OWASP/CheatSheetSeries</code> - Specifically the &#8220;Secrets Management Cheat Sheet&#8221;.</p></li></ul><p><strong>Certs:</strong> </p><p><strong><a href="https://www.google.com/search?q=https://learn.snyk.io/path/secrets-management/">Snyk: Secrets Management Badge</a></strong> - Snyk offers free "lessons" that grant badges upon completion.</p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!o47r!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbc850eca-78ba-4ed2-8c9e-1269a15a9dda_1584x396.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!o47r!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbc850eca-78ba-4ed2-8c9e-1269a15a9dda_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!o47r!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbc850eca-78ba-4ed2-8c9e-1269a15a9dda_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!o47r!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbc850eca-78ba-4ed2-8c9e-1269a15a9dda_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!o47r!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbc850eca-78ba-4ed2-8c9e-1269a15a9dda_1584x396.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!o47r!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbc850eca-78ba-4ed2-8c9e-1269a15a9dda_1584x396.png" width="1456" height="364" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/bc850eca-78ba-4ed2-8c9e-1269a15a9dda_1584x396.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:364,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1198670,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/185193423?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbc850eca-78ba-4ed2-8c9e-1269a15a9dda_1584x396.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!o47r!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbc850eca-78ba-4ed2-8c9e-1269a15a9dda_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!o47r!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbc850eca-78ba-4ed2-8c9e-1269a15a9dda_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!o47r!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbc850eca-78ba-4ed2-8c9e-1269a15a9dda_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!o47r!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fbc850eca-78ba-4ed2-8c9e-1269a15a9dda_1584x396.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p><strong>Courses:</strong></p><ul><li><p><strong><a href="https://www.wiz.io/academy">Wiz Academy: Container Security</a></strong> - High production value video courses on container vulnerabilities.</p></li></ul><p><strong>Repos:</strong></p><p><code>aquasecurity/trivy</code> - Go straight to the docs. Trivy is the industry standard open source scanner. The best way to learn is to read their "Getting Started".</p><p><strong>Certs:</strong> </p><ul><li><p><strong>None.</strong> (I can&#8217;t find any reputable &#8220;Free&#8221; cert for just image scanning. Build the <em>Capstone Project</em> I mentioned earlier instead; that is your proof.)</p></li></ul><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!JDAJ!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa9caebb3-9d1b-4f07-923f-38fd0211d11a_1584x396.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!JDAJ!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa9caebb3-9d1b-4f07-923f-38fd0211d11a_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!JDAJ!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa9caebb3-9d1b-4f07-923f-38fd0211d11a_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!JDAJ!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa9caebb3-9d1b-4f07-923f-38fd0211d11a_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!JDAJ!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa9caebb3-9d1b-4f07-923f-38fd0211d11a_1584x396.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!JDAJ!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa9caebb3-9d1b-4f07-923f-38fd0211d11a_1584x396.png" width="1456" height="364" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/a9caebb3-9d1b-4f07-923f-38fd0211d11a_1584x396.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:364,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1253175,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/185193423?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa9caebb3-9d1b-4f07-923f-38fd0211d11a_1584x396.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!JDAJ!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa9caebb3-9d1b-4f07-923f-38fd0211d11a_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!JDAJ!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa9caebb3-9d1b-4f07-923f-38fd0211d11a_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!JDAJ!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa9caebb3-9d1b-4f07-923f-38fd0211d11a_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!JDAJ!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa9caebb3-9d1b-4f07-923f-38fd0211d11a_1584x396.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p><strong>Courses:</strong></p><ul><li><p><strong><a href="https://codeql.github.com/docs/codeql-for-visual-studio-code/">CodeQL U-Drive</a></strong> - Learn to query code like a database to find security errors.</p></li><li><p><strong><a href="https://www.securecodewarrior.com/">Secure Code Warrior (Public Tournaments)</a></strong> - Join their free public tournaments to learn secure coding patterns gamified.</p></li></ul><p><strong>Repos:</strong></p><p><code>analysis-tools-dev/static-analysis</code> - A giant list of static analysis tools for every programming language.</p><p><strong>Certs:</strong> </p><p><strong><a href="https://www.google.com/search?q=https://www.veracode.com/security-labs">Veracode Security Labs Community Edition</a></strong> - Free hands on labs that offer completion tracking.</p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!gh4c!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6f6dfa33-9267-470c-8e2b-807a980b0833_1584x396.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!gh4c!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6f6dfa33-9267-470c-8e2b-807a980b0833_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!gh4c!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6f6dfa33-9267-470c-8e2b-807a980b0833_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!gh4c!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6f6dfa33-9267-470c-8e2b-807a980b0833_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!gh4c!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6f6dfa33-9267-470c-8e2b-807a980b0833_1584x396.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!gh4c!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6f6dfa33-9267-470c-8e2b-807a980b0833_1584x396.png" width="1456" height="364" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6f6dfa33-9267-470c-8e2b-807a980b0833_1584x396.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:364,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1259193,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/185193423?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6f6dfa33-9267-470c-8e2b-807a980b0833_1584x396.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!gh4c!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6f6dfa33-9267-470c-8e2b-807a980b0833_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!gh4c!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6f6dfa33-9267-470c-8e2b-807a980b0833_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!gh4c!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6f6dfa33-9267-470c-8e2b-807a980b0833_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!gh4c!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6f6dfa33-9267-470c-8e2b-807a980b0833_1584x396.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p><strong>Courses:</strong></p><p><strong><a href="https://www.google.com/search?q=https://learn.snyk.io/path/open-source-security/">Snyk Learn: Open Source Security</a></strong> - Bite sized lessons on how supply chain attacks work and how SCA prevents them.</p><p><strong>Repos:</strong></p><p><code>google/osv-scanner</code> - A free vulnerability scanner by Google for open source developers.</p><p><strong>Certs:</strong> </p><p><strong><a href="https://www.synopsys.com/software-integrity/training.html">Synopsys Academy</a></strong> - They often have free "community" training paths for Black Duck/SCA concepts.</p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bZyF!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa56a4191-69af-4f3c-8d3f-51db24c2427b_1584x396.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bZyF!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa56a4191-69af-4f3c-8d3f-51db24c2427b_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!bZyF!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa56a4191-69af-4f3c-8d3f-51db24c2427b_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!bZyF!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa56a4191-69af-4f3c-8d3f-51db24c2427b_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!bZyF!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa56a4191-69af-4f3c-8d3f-51db24c2427b_1584x396.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bZyF!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa56a4191-69af-4f3c-8d3f-51db24c2427b_1584x396.png" width="1456" height="364" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/a56a4191-69af-4f3c-8d3f-51db24c2427b_1584x396.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:364,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1133860,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/185193423?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa56a4191-69af-4f3c-8d3f-51db24c2427b_1584x396.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!bZyF!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa56a4191-69af-4f3c-8d3f-51db24c2427b_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!bZyF!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa56a4191-69af-4f3c-8d3f-51db24c2427b_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!bZyF!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa56a4191-69af-4f3c-8d3f-51db24c2427b_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!bZyF!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa56a4191-69af-4f3c-8d3f-51db24c2427b_1584x396.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><p><strong>Courses:</strong></p><p><strong><a href="https://www.qualys.com/training/">Qualys Training &amp; Certification</a></strong> - <strong>This is the holy grail of free training.</strong> Qualys offers their full "Vulnerability Management Detection and Response (VMDR)" course AND certification exam for free.</p><p><strong>Repos:</strong></p><p><code>DefectDojo/django-DefectDojo</code> - The industry standard open source tool for managing vulnerability data. Spin it up in Docker and learn it.</p><p><strong>Certs:</strong> </p><p><strong><a href="https://www.google.com/search?q=https://www.qualys.com/training/vmdr/">Qualys Certified Specialist (VMDR)</a></strong> - Real industry certification. 100% Free. This is the highest value item on this entire list.</p><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!v4y6!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0d7262e2-e45a-4fe3-9b2c-5686b353272c_1584x396.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!v4y6!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0d7262e2-e45a-4fe3-9b2c-5686b353272c_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!v4y6!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0d7262e2-e45a-4fe3-9b2c-5686b353272c_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!v4y6!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0d7262e2-e45a-4fe3-9b2c-5686b353272c_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!v4y6!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0d7262e2-e45a-4fe3-9b2c-5686b353272c_1584x396.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!v4y6!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0d7262e2-e45a-4fe3-9b2c-5686b353272c_1584x396.png" width="1456" height="364" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/0d7262e2-e45a-4fe3-9b2c-5686b353272c_1584x396.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:364,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1238131,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/185193423?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0d7262e2-e45a-4fe3-9b2c-5686b353272c_1584x396.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!v4y6!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0d7262e2-e45a-4fe3-9b2c-5686b353272c_1584x396.png 424w, https://substackcdn.com/image/fetch/$s_!v4y6!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0d7262e2-e45a-4fe3-9b2c-5686b353272c_1584x396.png 848w, https://substackcdn.com/image/fetch/$s_!v4y6!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0d7262e2-e45a-4fe3-9b2c-5686b353272c_1584x396.png 1272w, https://substackcdn.com/image/fetch/$s_!v4y6!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F0d7262e2-e45a-4fe3-9b2c-5686b353272c_1584x396.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><h4><strong><a href="https://wjpearce.substack.com/p/ai-hacking-cv-project">AI Hacking CV Project &#129302;</a></strong></h4><h4><strong><a href="https://www.cybernotes.tech/p/hacking-project-101-reverse-shells">Hacking Project 101: Reverse Shells with AWS &amp; Ncat</a></strong></h4><h4><strong><a href="https://www.cybernotes.tech/p/aws-security-project-sts">AWS Security Project: STS &#128273;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/devsecops-aws-project">DevSecOps AWS Project</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/supply-chain-security-project">Supply Chain Security Project &#128230; &#9876;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/you-should-learn-aws-security-hub">You should learn AWS Security Hub CSPM</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-ultimate-docker-project">The Ultimate Docker Project&#128011;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/part-two-the-ultimate-docker-project">Part Two: The Ultimate Docker Project &#128011;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-aws-starter-pack">The AWS Starter Pack</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/easy-cloud-devops-project">Easy Cloud DevOps Project&#128295;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/new-aws-account-step-by-step-guide">New AWS Account Step-by-Step Guide&#10004;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/beginner-ai-cloud-cv-project">Beginner AI Cloud CV Project&#128221;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/sql-injection-made-simple">SQL Injection: Made Simple &#128137;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-ultimate-cloud-project">The Ultimate Cloud Project &#9729;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/easy-cloud-automation-project">Easy Cloud Automation Project &#9881;&#65039;</a></strong></h4><p><br>I haven&#8217;t included the literal 1000s of free YouTube resources on this list because you don&#8217;t need me to tell you YouTube is a good resource in 2026</p><p><strong>Have fun!</strong> &#128521;</p><p><em><strong>WJPearce - Cyber Notes</strong></em></p><p></p>]]></content:encoded></item><item><title><![CDATA[AI Hacking CV Project 🤖]]></title><description><![CDATA[Metasploit MCP + Claude]]></description><link>https://www.cybernotes.tech/p/ai-hacking-cv-project</link><guid isPermaLink="false">https://www.cybernotes.tech/p/ai-hacking-cv-project</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 11 Jan 2026 19:30:31 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!NSHe!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2b373a88-9639-48b5-bae2-e5ced050dea5_1542x972.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:null,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue: </strong><a href="https://wjpearce.substack.com/p/10000-readers-giveaway-aws-cert">10,000 Readers Giveaway: AWS Cert &#128640;</a></p><p><strong>Next Issue:</strong> <a href="https://www.cybernotes.tech/">DevSecOps Course 2026</a></p><p><strong>This Issue: </strong><a href="https://www.cybernotes.tech/">AI Hacking Project: Metasploit MCP + Claude</a> &#129302;</p><div><hr></div><h2><strong>Project Prerequisites</strong></h2><p>Before starting this project, ensure you have the following in place. This walkthrough assumes a local, authorised lab environment that you fully control. </p><p><strong>Required environment and tools:</strong></p><ul><li><p><strong>Kali Linux:</strong> VM</p></li><li><p><strong>Claude Code:</strong> Account</p></li><li><p><strong>Python 3.10 or higher</strong></p></li><li><p><strong>Network isolated vulnerable target</strong>: For example, Metasploitable 2 running locally.</p></li><li><p><strong>A Basic understanding of Metasploit</strong>: A penetration testing tool/framework that allows you to write, do testing, and execute exploit payloads/code</p></li><li><p><strong>Let me know in the comments if you need help with the above</strong> &#11014;&#65039;</p></li></ul><p><em>This project is intended strictly for <strong>educational and lab based security testing</strong>. Do not apply these techniques to systems you do not own or explicitly have permission to test</em></p><h3><strong>Project Time&#8230;. &#128640;</strong></h3><h3><strong>As usual, I reserve the Projects for community members&#8230;Come join the fun! &#127757;</strong></h3>
      <p>
          <a href="https://www.cybernotes.tech/p/ai-hacking-cv-project">
              Read more
          </a>
      </p>
   ]]></content:encoded></item><item><title><![CDATA[10,000 Readers Giveaway: AWS Cert 🚀]]></title><description><![CDATA[AWS CCP]]></description><link>https://www.cybernotes.tech/p/10000-readers-giveaway-aws-cert</link><guid isPermaLink="false">https://www.cybernotes.tech/p/10000-readers-giveaway-aws-cert</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 04 Jan 2026 19:30:30 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!cIdm!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff24a5a2d-3ac3-44e3-a523-bb67b22daa58_461x461.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<p>I can&#8217;t quite believe I&#8217;ve scaled this to <strong>10,000 weekly readers &#127881;</strong></p><p>I&#8217;ll keep this short and sweet, I&#8217;d like to give something back.</p><p>I&#8217;m giving away a free AWS Certified Cloud Practitioner exam voucher. It was the first exam I took, and it&#8217;s the one that really set me on my cloud security journey.</p><p>To enter, just reply to this post and share what your goals for this year are.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!cIdm!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff24a5a2d-3ac3-44e3-a523-bb67b22daa58_461x461.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!cIdm!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff24a5a2d-3ac3-44e3-a523-bb67b22daa58_461x461.png 424w, https://substackcdn.com/image/fetch/$s_!cIdm!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff24a5a2d-3ac3-44e3-a523-bb67b22daa58_461x461.png 848w, https://substackcdn.com/image/fetch/$s_!cIdm!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff24a5a2d-3ac3-44e3-a523-bb67b22daa58_461x461.png 1272w, https://substackcdn.com/image/fetch/$s_!cIdm!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff24a5a2d-3ac3-44e3-a523-bb67b22daa58_461x461.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!cIdm!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff24a5a2d-3ac3-44e3-a523-bb67b22daa58_461x461.png" width="461" height="461" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/f24a5a2d-3ac3-44e3-a523-bb67b22daa58_461x461.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:461,&quot;width&quot;:461,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:48019,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/182845503?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff24a5a2d-3ac3-44e3-a523-bb67b22daa58_461x461.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!cIdm!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff24a5a2d-3ac3-44e3-a523-bb67b22daa58_461x461.png 424w, https://substackcdn.com/image/fetch/$s_!cIdm!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff24a5a2d-3ac3-44e3-a523-bb67b22daa58_461x461.png 848w, https://substackcdn.com/image/fetch/$s_!cIdm!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff24a5a2d-3ac3-44e3-a523-bb67b22daa58_461x461.png 1272w, https://substackcdn.com/image/fetch/$s_!cIdm!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff24a5a2d-3ac3-44e3-a523-bb67b22daa58_461x461.png 1456w" sizes="100vw" fetchpriority="high"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Thanks again to all of you!  for signing up, and to the community members who trusted me with their money. Especially in times like these, it&#8217;s hard to ascertain real value in the landscape, and I hope that&#8217;s something I can continue to provide.</p><p>I have more giveaways and some great projects planned for this year, so keep your eyes peeled  &#128064; &#128640;</p><div><hr></div><p><em><strong>WJPearce - Cyber Notes</strong></em></p><p><strong>Enjoyed this? </strong>Why not check out my other reads&#8230;</p><h4><strong><a href="https://www.cybernotes.tech/p/hacking-project-101-reverse-shells">Hacking Project 101: Reverse Shells with AWS &amp; Ncat</a></strong></h4><h4><strong><a href="https://www.cybernotes.tech/p/aws-security-project-sts">AWS Security Project: STS &#128273;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/devsecops-aws-project">DevSecOps AWS Project</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/supply-chain-security-project">Supply Chain Security Project &#128230; &#9876;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/you-should-learn-aws-security-hub">You should learn AWS Security Hub CSPM</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-ultimate-docker-project">The Ultimate Docker Project&#128011;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/part-two-the-ultimate-docker-project">Part Two: The Ultimate Docker Project &#128011;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-aws-starter-pack">The AWS Starter Pack</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/easy-cloud-devops-project">Easy Cloud DevOps Project&#128295;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/new-aws-account-step-by-step-guide">New AWS Account Step-by-Step Guide&#10004;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/beginner-ai-cloud-cv-project">Beginner AI Cloud CV Project&#128221;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/sql-injection-made-simple">SQL Injection: Made Simple &#128137;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-ultimate-cloud-project">The Ultimate Cloud Project &#9729;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/easy-cloud-automation-project">Easy Cloud Automation Project &#9881;&#65039;</a></strong></h4>]]></content:encoded></item><item><title><![CDATA[Learn this Container Security Tool… 📦⚔️ ]]></title><description><![CDATA[A Project YOU can do...]]></description><link>https://www.cybernotes.tech/p/learn-this-container-security-tool</link><guid isPermaLink="false">https://www.cybernotes.tech/p/learn-this-container-security-tool</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 28 Dec 2025 19:30:31 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!hJBr!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa245812b-440b-4817-b90a-644e74b6a547_778x690.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;&quot;,&quot;title&quot;:null,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" title="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue: </strong>Hacking Project 101: Reverse Shells with Netcat</p><p><strong>Next Issue:</strong> <a href="http://cybernotes.tech">AI Hacking Project: Atomic Red Team MCP </a></p><p><strong>This Issue: </strong><a href="http://cybernotes.tech">Learn this Container Security Tool&#8230; &#128230;&#9876;&#65039;</a> </p><div><hr></div><p><em><strong>&#8220;Two projects in one month. Not bad!</strong></em><strong> Cyber Notes is my favourite newsletter!&#8221;<br></strong>I can hear you all now say &#128227;</p><p>Jokes aside, I wanted to squeeze this one in before New Year. It will be slightly less &#8220;handholdy&#8221; than usual, but it sets you up with a practical understanding of Docker Scout and modern container security. Keep an eye out for the January project, <em><strong>AI Hacking Project: Atomic Red Team MCP</strong></em>. That one is going to be a standout.</p><p>There is no grand end goal today other than learning the tool and internalising the core concepts. By the end of this walkthrough, you will be able to:</p><p>&#8226; Understand how Docker Scout fits into a secure container pipeline</p><p>&#8226; Evaluate base image vulnerabilities and compare images effectively</p><p>&#8226; Integrate Scout into a GitHub Actions workflow for automated scanning</p><p>&#8226; Use gating policies to block releases</p><p>&#8226; Apply container security principles across your own projects</p><div><hr></div><h4>Docker Scout </h4><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!w-j3!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda17ac4b-66b8-41db-bd60-d53d5a711c33_1110x583.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!w-j3!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda17ac4b-66b8-41db-bd60-d53d5a711c33_1110x583.png 424w, https://substackcdn.com/image/fetch/$s_!w-j3!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda17ac4b-66b8-41db-bd60-d53d5a711c33_1110x583.png 848w, https://substackcdn.com/image/fetch/$s_!w-j3!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda17ac4b-66b8-41db-bd60-d53d5a711c33_1110x583.png 1272w, https://substackcdn.com/image/fetch/$s_!w-j3!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda17ac4b-66b8-41db-bd60-d53d5a711c33_1110x583.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!w-j3!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda17ac4b-66b8-41db-bd60-d53d5a711c33_1110x583.png" width="1110" height="583" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/da17ac4b-66b8-41db-bd60-d53d5a711c33_1110x583.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:583,&quot;width&quot;:1110,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:&quot;Software Supply Chain Management for Developers | Docker Scout&quot;,&quot;title&quot;:null,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="Software Supply Chain Management for Developers | Docker Scout" title="Software Supply Chain Management for Developers | Docker Scout" srcset="https://substackcdn.com/image/fetch/$s_!w-j3!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda17ac4b-66b8-41db-bd60-d53d5a711c33_1110x583.png 424w, https://substackcdn.com/image/fetch/$s_!w-j3!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda17ac4b-66b8-41db-bd60-d53d5a711c33_1110x583.png 848w, https://substackcdn.com/image/fetch/$s_!w-j3!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda17ac4b-66b8-41db-bd60-d53d5a711c33_1110x583.png 1272w, https://substackcdn.com/image/fetch/$s_!w-j3!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fda17ac4b-66b8-41db-bd60-d53d5a711c33_1110x583.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>At its core, Docker Scout is a container security solution that focuses on the software supply chain. Unlike other tools that simply grep a manifest file for versions, Scout digs into the SBOM<strong> (<a href="https://wjpearce.substack.com/p/supply-chain-security-project">More on that here)</a></strong> to identify packages and match them against CVE databases.</p><p>It operates in two main modes:</p><ol><li><p><strong>Agentless Registry Scanning (Basically, they handle the compute and you don&#8217;t need to deploy anything into your registry):</strong> It hooks into your registries like Docker Hub, AWS ECR, etc. and analyses images &#8220;at rest.&#8221; It pulls metadata (not the full image) to monitor for new vulnerabilities in old images.</p></li><li><p><strong>CI/CD &amp; CLI (Active):</strong> A lightweight CLI tool that developers run locally or inside a pipeline to block builds before an image is ever pushed.</p></li></ol><div><hr></div><h4><strong>Features (Why You Should Give a Shit)</strong></h4><p>Chances are, if you read <em>Cyber Notes</em>, you either want to work in Cloud Security or already do. Below are the main ways I personally use Docker Scout at work, and I recommend you learn to employ it in the same way.</p><p><strong>1. Managed Environments</strong> This is one of the standout features for organising policy. Instead of treating every image equally, you can assign images to specific &#8220;Environments&#8221; (<code>Dev</code>, <code>Staging</code>, <code>Prod</code>) - trust me, learn this.</p><ul><li><p><strong>Why it matters:</strong> It mirrors the label/tagging systems you might see in tools like Prisma Cloud or Port IO. It allows you to align vulnerability policies with your application lifecycle. You can be lenient in <code>Dev</code> but strict in <code>Prod</code>.</p></li></ul><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!hJBr!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa245812b-440b-4817-b90a-644e74b6a547_778x690.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!hJBr!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa245812b-440b-4817-b90a-644e74b6a547_778x690.png 424w, https://substackcdn.com/image/fetch/$s_!hJBr!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa245812b-440b-4817-b90a-644e74b6a547_778x690.png 848w, https://substackcdn.com/image/fetch/$s_!hJBr!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa245812b-440b-4817-b90a-644e74b6a547_778x690.png 1272w, https://substackcdn.com/image/fetch/$s_!hJBr!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa245812b-440b-4817-b90a-644e74b6a547_778x690.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!hJBr!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa245812b-440b-4817-b90a-644e74b6a547_778x690.png" width="532" height="471.82519280205656" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/a245812b-440b-4817-b90a-644e74b6a547_778x690.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:690,&quot;width&quot;:778,&quot;resizeWidth&quot;:532,&quot;bytes&quot;:349765,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/179439136?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa245812b-440b-4817-b90a-644e74b6a547_778x690.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!hJBr!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa245812b-440b-4817-b90a-644e74b6a547_778x690.png 424w, https://substackcdn.com/image/fetch/$s_!hJBr!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa245812b-440b-4817-b90a-644e74b6a547_778x690.png 848w, https://substackcdn.com/image/fetch/$s_!hJBr!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa245812b-440b-4817-b90a-644e74b6a547_778x690.png 1272w, https://substackcdn.com/image/fetch/$s_!hJBr!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fa245812b-440b-4817-b90a-644e74b6a547_778x690.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><strong>2. Comparison &amp; Diffing</strong> Scout includes an experimental <code>compare</code> command. This allows you to diff two images to see exactly what changed, not just in terms of layers, but in terms of vulnerability posture.</p><ul><li><p><em>Use case:</em> &#8220;My build failed today but passed yesterday. What changed?&#8221;</p></li></ul><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!32gN!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4376de16-ebfa-4d6f-aaae-ec5b89e847b0_758x679.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!32gN!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4376de16-ebfa-4d6f-aaae-ec5b89e847b0_758x679.png 424w, https://substackcdn.com/image/fetch/$s_!32gN!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4376de16-ebfa-4d6f-aaae-ec5b89e847b0_758x679.png 848w, https://substackcdn.com/image/fetch/$s_!32gN!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4376de16-ebfa-4d6f-aaae-ec5b89e847b0_758x679.png 1272w, https://substackcdn.com/image/fetch/$s_!32gN!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4376de16-ebfa-4d6f-aaae-ec5b89e847b0_758x679.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!32gN!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4376de16-ebfa-4d6f-aaae-ec5b89e847b0_758x679.png" width="552" height="494.4696569920844" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/4376de16-ebfa-4d6f-aaae-ec5b89e847b0_758x679.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:679,&quot;width&quot;:758,&quot;resizeWidth&quot;:552,&quot;bytes&quot;:368065,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/179439136?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4376de16-ebfa-4d6f-aaae-ec5b89e847b0_758x679.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!32gN!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4376de16-ebfa-4d6f-aaae-ec5b89e847b0_758x679.png 424w, https://substackcdn.com/image/fetch/$s_!32gN!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4376de16-ebfa-4d6f-aaae-ec5b89e847b0_758x679.png 848w, https://substackcdn.com/image/fetch/$s_!32gN!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4376de16-ebfa-4d6f-aaae-ec5b89e847b0_758x679.png 1272w, https://substackcdn.com/image/fetch/$s_!32gN!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F4376de16-ebfa-4d6f-aaae-ec5b89e847b0_758x679.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p><strong>3. Vulnerability Management &amp; Exceptions </strong>Scout uses a pretty cool exception system (VEX) to handle false positives or accepted risks.</p><ul><li><p><strong>Scopes:</strong> You can scope exceptions to a specific image, a whole repository, or the entire organisation.</p></li><li><p><strong>The Catch:</strong> From my testing, exceptions are metadata-heavy. If you scope an exception to a specific image digest, it won&#8217;t automatically propagate to a new tag of that image unless you scope it to the <em>Repository</em> or <em>Organisation</em>. It requires a deliberate strategy to ensure you aren&#8217;t re-ignoring the same CVE every week.</p></li></ul><p><strong><br>4. Developer Ecosystem Integration</strong></p><ul><li><p><strong>SARIF Support:</strong> It outputs results in <code>.sarif</code> format, making it easy to upload findings directly into GitHub Advanced Security or other dashboards.</p></li><li><p><strong>Policy Gating:</strong> You can define thresholds (&#8220;Block on Critical&#8221;) to break the build if criteria aren&#8217;t met.</p></li></ul><div><hr></div><h4>How To</h4><p>There is no grand end goal today other than internalising the core concepts. Below is the practical workflow I used to get up and running.</p><h4>1. Authenticate &amp; Setup</h4><ul><li><p>First, you need to authenticate your local Docker CLI with your Scout organisation. </p></li></ul><ul><li><p>Open the Docker Dashboard locally and navigate to the Scout tab &gt; Sign in.</p></li></ul><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!qZhA!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff6d54721-7084-4204-a220-697fa3dfd48e_1262x714.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!qZhA!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff6d54721-7084-4204-a220-697fa3dfd48e_1262x714.png 424w, https://substackcdn.com/image/fetch/$s_!qZhA!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff6d54721-7084-4204-a220-697fa3dfd48e_1262x714.png 848w, https://substackcdn.com/image/fetch/$s_!qZhA!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff6d54721-7084-4204-a220-697fa3dfd48e_1262x714.png 1272w, https://substackcdn.com/image/fetch/$s_!qZhA!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff6d54721-7084-4204-a220-697fa3dfd48e_1262x714.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!qZhA!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff6d54721-7084-4204-a220-697fa3dfd48e_1262x714.png" width="1262" height="714" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/f6d54721-7084-4204-a220-697fa3dfd48e_1262x714.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:714,&quot;width&quot;:1262,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:159591,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/179439136?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff6d54721-7084-4204-a220-697fa3dfd48e_1262x714.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!qZhA!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff6d54721-7084-4204-a220-697fa3dfd48e_1262x714.png 424w, https://substackcdn.com/image/fetch/$s_!qZhA!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff6d54721-7084-4204-a220-697fa3dfd48e_1262x714.png 848w, https://substackcdn.com/image/fetch/$s_!qZhA!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff6d54721-7084-4204-a220-697fa3dfd48e_1262x714.png 1272w, https://substackcdn.com/image/fetch/$s_!qZhA!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff6d54721-7084-4204-a220-697fa3dfd48e_1262x714.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><ul><li><p>You&#8217;ll be taken to the Scout onboarding page. </p></li><li><p>Go through it all, or open the demo version if you don&#8217;t have your own registry yet</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!Ckxf!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff27191ca-1229-4974-b9cd-b87fc820b91d_1862x513.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!Ckxf!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff27191ca-1229-4974-b9cd-b87fc820b91d_1862x513.png 424w, https://substackcdn.com/image/fetch/$s_!Ckxf!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff27191ca-1229-4974-b9cd-b87fc820b91d_1862x513.png 848w, https://substackcdn.com/image/fetch/$s_!Ckxf!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff27191ca-1229-4974-b9cd-b87fc820b91d_1862x513.png 1272w, https://substackcdn.com/image/fetch/$s_!Ckxf!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff27191ca-1229-4974-b9cd-b87fc820b91d_1862x513.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!Ckxf!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff27191ca-1229-4974-b9cd-b87fc820b91d_1862x513.png" width="1456" height="401" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/f27191ca-1229-4974-b9cd-b87fc820b91d_1862x513.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:401,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:175867,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/179439136?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff27191ca-1229-4974-b9cd-b87fc820b91d_1862x513.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!Ckxf!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff27191ca-1229-4974-b9cd-b87fc820b91d_1862x513.png 424w, https://substackcdn.com/image/fetch/$s_!Ckxf!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff27191ca-1229-4974-b9cd-b87fc820b91d_1862x513.png 848w, https://substackcdn.com/image/fetch/$s_!Ckxf!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff27191ca-1229-4974-b9cd-b87fc820b91d_1862x513.png 1272w, https://substackcdn.com/image/fetch/$s_!Ckxf!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff27191ca-1229-4974-b9cd-b87fc820b91d_1862x513.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div></li></ul><p>From the account settings page you can now create a personal access token which you should use to auth from the CLI, like so: </p><pre><code>docker login -u &lt;YOUR_ORG_USER&gt;
# Enter PAT Token as password</code></pre><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!1lP-!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9d6e4772-0d5b-4ef3-a4d5-1dd48f0e169f_571x89.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!1lP-!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9d6e4772-0d5b-4ef3-a4d5-1dd48f0e169f_571x89.png 424w, https://substackcdn.com/image/fetch/$s_!1lP-!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9d6e4772-0d5b-4ef3-a4d5-1dd48f0e169f_571x89.png 848w, https://substackcdn.com/image/fetch/$s_!1lP-!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9d6e4772-0d5b-4ef3-a4d5-1dd48f0e169f_571x89.png 1272w, https://substackcdn.com/image/fetch/$s_!1lP-!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9d6e4772-0d5b-4ef3-a4d5-1dd48f0e169f_571x89.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!1lP-!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9d6e4772-0d5b-4ef3-a4d5-1dd48f0e169f_571x89.png" width="571" height="89" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/9d6e4772-0d5b-4ef3-a4d5-1dd48f0e169f_571x89.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:89,&quot;width&quot;:571,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:18005,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/179439136?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9d6e4772-0d5b-4ef3-a4d5-1dd48f0e169f_571x89.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!1lP-!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9d6e4772-0d5b-4ef3-a4d5-1dd48f0e169f_571x89.png 424w, https://substackcdn.com/image/fetch/$s_!1lP-!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9d6e4772-0d5b-4ef3-a4d5-1dd48f0e169f_571x89.png 848w, https://substackcdn.com/image/fetch/$s_!1lP-!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9d6e4772-0d5b-4ef3-a4d5-1dd48f0e169f_571x89.png 1272w, https://substackcdn.com/image/fetch/$s_!1lP-!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F9d6e4772-0d5b-4ef3-a4d5-1dd48f0e169f_571x89.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><h4>2. Local Scanning</h4><p>Before you even push your image, you can run a quick scan. This is great for &#8220;shifting left&#8221; without leaving the terminal.</p><p><strong>Basic CVE Scan: I will use the Juice Shop image here</strong></p><pre><code>docker scout cves bkimminich/juice-shop:latest</code></pre><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!wS3N!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5fba7b4f-3167-4b34-92d7-14687de65a18_794x454.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!wS3N!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5fba7b4f-3167-4b34-92d7-14687de65a18_794x454.png 424w, https://substackcdn.com/image/fetch/$s_!wS3N!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5fba7b4f-3167-4b34-92d7-14687de65a18_794x454.png 848w, https://substackcdn.com/image/fetch/$s_!wS3N!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5fba7b4f-3167-4b34-92d7-14687de65a18_794x454.png 1272w, https://substackcdn.com/image/fetch/$s_!wS3N!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5fba7b4f-3167-4b34-92d7-14687de65a18_794x454.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!wS3N!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5fba7b4f-3167-4b34-92d7-14687de65a18_794x454.png" width="794" height="454" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/5fba7b4f-3167-4b34-92d7-14687de65a18_794x454.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:454,&quot;width&quot;:794,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:58139,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/179439136?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5fba7b4f-3167-4b34-92d7-14687de65a18_794x454.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!wS3N!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5fba7b4f-3167-4b34-92d7-14687de65a18_794x454.png 424w, https://substackcdn.com/image/fetch/$s_!wS3N!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5fba7b4f-3167-4b34-92d7-14687de65a18_794x454.png 848w, https://substackcdn.com/image/fetch/$s_!wS3N!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5fba7b4f-3167-4b34-92d7-14687de65a18_794x454.png 1272w, https://substackcdn.com/image/fetch/$s_!wS3N!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5fba7b4f-3167-4b34-92d7-14687de65a18_794x454.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Pretty easy right?</p><p><strong>Simulate a Gate:</strong> You can run the command with arguments that mirror your build pipeline gates to see if you would pass or fail.</p><pre><code>docker scout cves bkimminich/juice-shop:latest --only-severity critical,high</code></pre><div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!Nljp!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F765ea131-8bf8-458c-84cf-614e5bc2640d_837x186.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!Nljp!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F765ea131-8bf8-458c-84cf-614e5bc2640d_837x186.png 424w, https://substackcdn.com/image/fetch/$s_!Nljp!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F765ea131-8bf8-458c-84cf-614e5bc2640d_837x186.png 848w, https://substackcdn.com/image/fetch/$s_!Nljp!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F765ea131-8bf8-458c-84cf-614e5bc2640d_837x186.png 1272w, https://substackcdn.com/image/fetch/$s_!Nljp!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F765ea131-8bf8-458c-84cf-614e5bc2640d_837x186.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!Nljp!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F765ea131-8bf8-458c-84cf-614e5bc2640d_837x186.png" width="837" height="186" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/765ea131-8bf8-458c-84cf-614e5bc2640d_837x186.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:186,&quot;width&quot;:837,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:23852,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/179439136?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F765ea131-8bf8-458c-84cf-614e5bc2640d_837x186.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!Nljp!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F765ea131-8bf8-458c-84cf-614e5bc2640d_837x186.png 424w, https://substackcdn.com/image/fetch/$s_!Nljp!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F765ea131-8bf8-458c-84cf-614e5bc2640d_837x186.png 848w, https://substackcdn.com/image/fetch/$s_!Nljp!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F765ea131-8bf8-458c-84cf-614e5bc2640d_837x186.png 1272w, https://substackcdn.com/image/fetch/$s_!Nljp!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F765ea131-8bf8-458c-84cf-614e5bc2640d_837x186.png 1456w" sizes="100vw" loading="lazy"></picture><div></div></div></a></figure></div><h4>3. Working with Managed Environments</h4><p>This was the most interesting part of the basics. You don&#8217;t just push images, you assign them to a stage in your lifecycle.</p><p><strong>Assigning an image to &#8216;Dev&#8217;:</strong></p><pre><code>docker scout environment dev cybernotes-org/bkimminich/juice-shop:latest --platform linux/arm64</code></pre><p>Remember, this ^ is what we would expect when using these tools in an actual company.</p><h4>3. Next Steps for You</h4><ul><li><p><strong>Fix the easy stuff:</strong> Run <code>docker scout recommendations &lt;image&gt;</code> . It will tell you if simply swapping the base image (from <code>node:16</code> to <code>node:16-alpine</code>) will instantly kill 50% of your CVEs.</p></li><li><p><strong>Spot the Difference Challenge:</strong> Push a new version of an image and use the experimental comparison command: <code>docker scout compare &lt;new-image&gt; --to &lt;old-image&gt;</code> This is the fastest way to answer your dev teams question question: <em>&#8220;We didn&#8217;t change the code, so why is security flagging it now?&#8221;</em></p></li><li><p><strong>Add it to GitHub:</strong> If you have a test repository, add the <code>docker/scout-action</code> to your workflow yaml. Seeing the security report appear automatically in your Pull Request comments is usually the moment the tool &#8220;clicks&#8221; for developers.</p></li></ul><p>Hopefully you&#8217;ve seen how simple it is to get up and running with image security and Docker Scout &#128011; </p><div><hr></div><p><em><strong>WJPearce - Cyber Notes</strong></em></p><p><strong>Enjoyed this? </strong>Why not check out my other reads&#8230;</p><h4><strong><a href="https://www.cybernotes.tech/p/hacking-project-101-reverse-shells">Hacking Project 101: Reverse Shells with AWS &amp; Ncat</a></strong></h4><h4><strong><a href="https://www.cybernotes.tech/p/aws-security-project-sts">AWS Security Project: STS &#128273;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/devsecops-aws-project">DevSecOps AWS Project</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/supply-chain-security-project">Supply Chain Security Project &#128230; &#9876;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/you-should-learn-aws-security-hub">You should learn AWS Security Hub CSPM</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-ultimate-docker-project">The Ultimate Docker Project&#128011;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/part-two-the-ultimate-docker-project">Part Two: The Ultimate Docker Project &#128011;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-aws-starter-pack">The AWS Starter Pack</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/easy-cloud-devops-project">Easy Cloud DevOps Project&#128295;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/new-aws-account-step-by-step-guide">New AWS Account Step-by-Step Guide&#10004;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/beginner-ai-cloud-cv-project">Beginner AI Cloud CV Project&#128221;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/sql-injection-made-simple">SQL Injection: Made Simple &#128137;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-ultimate-cloud-project">The Ultimate Cloud Project &#9729;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/easy-cloud-automation-project">Easy Cloud Automation Project &#9881;&#65039;</a></strong></h4>]]></content:encoded></item><item><title><![CDATA[Hacking Project 101: Reverse Shells with AWS & Ncat]]></title><description><![CDATA[10/10 Staring Point]]></description><link>https://www.cybernotes.tech/p/hacking-project-101-reverse-shells</link><guid isPermaLink="false">https://www.cybernotes.tech/p/hacking-project-101-reverse-shells</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 14 Dec 2025 19:30:34 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!Gxpf!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb815f629-311b-4006-9fc7-60dde42d0881_1860x808.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue: </strong><a href="https://www.cybernotes.tech/p/5-x-entry-level-cloud-security-interview">5 x Entry Level Cloud Security Interview Questions</a></p><p><strong>Next Issue:</strong> <a href="http://cybernotes.tech">Learn this Container Security Tool&#8230; &#128230;&#9876;&#65039;</a></p><p><strong>This Issue: </strong><a href="https://www.cybernotes.tech/">Hacking Project 101: Reverse Shells with Netcat</a></p><div><hr></div><p><strong>I recently had a Cyber Notes reader reach out to share that they had landed an entry level cloud role in a FinTech company and they used some of the projects here as inspiration for their interview prep!!!! </strong></p><p><strong>This is incredible &#128165;  So, a huge shout out to them! And thank you for reading.</strong></p><p><strong>As promised, the projects are now bigger and better, and I&#8217;m spending a lot more time explaining the fundamentals &#129309; </strong></p><p><strong>Let&#8217;s begin.</strong></p><div><hr></div><h3>Read This &gt; Then do the project&#8230; </h3><p><em>Cloud fundamentals?</em> <strong>Check</strong>. <em>DevOps Skills?</em> <strong>Check</strong>. <em>AWS Certs?</em> <strong>Check</strong>.</p><p><em>Hacking demo?</em> <strong>That&#8217;s where things get interesting.</strong></p><p>I keep seeing the same pattern in the cloud security beginner space: there&#8217;s almost no real showcase of what attackers actually do.</p><p>That&#8217;s exactly where I want to take <strong>Cyber Notes</strong> in the months ahead. Understanding the processes threat actors follow, the steps they take, and how they think is absolutely something you should know if you want to secure the cloud. To be honest, it is also way more interesting than configuring yet another Cloud Service. </p><div><hr></div><h3>This is where you are going to learn the fundamentals.</h3><p><strong>What&#8217;s a shell?</strong> In simple terms, it is the user interface that allows you to &#8220;talk&#8221; to the computer&#8217;s operating system. When you open your terminal and type commands, that&#8217;s you interacting with the shell. I&#8217;m guessing you&#8217;ve used one of these:</p><p><strong>Bash (Linux / macOS):</strong> The industry standard for decades. Most Linux servers run this.</p><p><strong>Zsh (macOS / Linux):</strong> Similar to Bash but with more user friendly features (themes, better autocomplete). It is now the default on Macs.</p><p><strong>PowerShell (Windows):</strong> A powerful shell designed for system administration, treating outputs as objects rather than just text <em>(a distinction I actually just learnt while researching this project).</em></p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!nMJt!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2dbbe383-d86a-4cb0-a413-31683a69a698_786x607.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!nMJt!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2dbbe383-d86a-4cb0-a413-31683a69a698_786x607.png 424w, https://substackcdn.com/image/fetch/$s_!nMJt!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2dbbe383-d86a-4cb0-a413-31683a69a698_786x607.png 848w, https://substackcdn.com/image/fetch/$s_!nMJt!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2dbbe383-d86a-4cb0-a413-31683a69a698_786x607.png 1272w, https://substackcdn.com/image/fetch/$s_!nMJt!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2dbbe383-d86a-4cb0-a413-31683a69a698_786x607.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!nMJt!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2dbbe383-d86a-4cb0-a413-31683a69a698_786x607.png" width="786" height="607" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/2dbbe383-d86a-4cb0-a413-31683a69a698_786x607.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:607,&quot;width&quot;:786,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:35805,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/180439792?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2dbbe383-d86a-4cb0-a413-31683a69a698_786x607.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!nMJt!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2dbbe383-d86a-4cb0-a413-31683a69a698_786x607.png 424w, https://substackcdn.com/image/fetch/$s_!nMJt!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2dbbe383-d86a-4cb0-a413-31683a69a698_786x607.png 848w, https://substackcdn.com/image/fetch/$s_!nMJt!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2dbbe383-d86a-4cb0-a413-31683a69a698_786x607.png 1272w, https://substackcdn.com/image/fetch/$s_!nMJt!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2dbbe383-d86a-4cb0-a413-31683a69a698_786x607.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>If you&#8217;re really interested in learning more here, I recommend taking a basic Computer Architecture course, specifically one that covers the Kernel, how the shell wraps around it, and how the user interacts with the hardware through the OS.</p><p><strong>So, why does this matter for hacking?</strong> We know that opening a &#8220;Shell&#8221; on a user&#8217;s device acts as a gateway, letting us run commands to do whatever we want (so long as we have the authorisation)</p><p>If you&#8217;re an attacker, this sounds ideal, right? You are rarely going to get physical access to a target&#8217;s device, but what if you could open a shell over a network?</p><p>Congrats! That&#8217;s the basis of every attacker&#8217;s end goal.</p><h3>What are the two ways they do this?</h3><p><strong>What&#8217;s a Bind Shell?</strong></p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!Gxpf!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb815f629-311b-4006-9fc7-60dde42d0881_1860x808.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!Gxpf!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb815f629-311b-4006-9fc7-60dde42d0881_1860x808.png 424w, https://substackcdn.com/image/fetch/$s_!Gxpf!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb815f629-311b-4006-9fc7-60dde42d0881_1860x808.png 848w, https://substackcdn.com/image/fetch/$s_!Gxpf!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb815f629-311b-4006-9fc7-60dde42d0881_1860x808.png 1272w, https://substackcdn.com/image/fetch/$s_!Gxpf!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb815f629-311b-4006-9fc7-60dde42d0881_1860x808.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!Gxpf!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb815f629-311b-4006-9fc7-60dde42d0881_1860x808.png" width="1456" height="632" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/b815f629-311b-4006-9fc7-60dde42d0881_1860x808.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:632,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:2780796,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/180439792?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb815f629-311b-4006-9fc7-60dde42d0881_1860x808.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!Gxpf!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb815f629-311b-4006-9fc7-60dde42d0881_1860x808.png 424w, https://substackcdn.com/image/fetch/$s_!Gxpf!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb815f629-311b-4006-9fc7-60dde42d0881_1860x808.png 848w, https://substackcdn.com/image/fetch/$s_!Gxpf!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb815f629-311b-4006-9fc7-60dde42d0881_1860x808.png 1272w, https://substackcdn.com/image/fetch/$s_!Gxpf!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb815f629-311b-4006-9fc7-60dde42d0881_1860x808.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>This is where the target machine is made or forced, however you want to word it to open a specific port and listen for an incoming connection from the attacker.</p><p>Basically, thinking like a hacker, we want to turn the target device into a server that <strong>we</strong> connect to.</p><p>We can do this with a number of tools (like Netcat), and we will take a proper look at them in the project.</p><p><strong>But wait&#8230; what about Firewalls? </strong>Aren&#8217;t they supposed to block this kind of incoming connection?</p><p><strong>Correct.</strong></p><p>Most corporate environments and even home routers have strict Inbound firewall rules. They are designed to stop random people on the internet (you) from initiating a connection to their internal computers (the target).</p><p>If you try to connect to that open port from the outside, the firewall will see an unsolicited incoming request and simply drop it. </p><p><strong>Which is why&#8230;..We should learn&#8230;.</strong></p><p><strong>What&#8217;s a Reverse Shell?</strong></p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!fWhe!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F755f6b76-1f29-4c23-ba91-b1ba83aa23d4_1862x942.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!fWhe!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F755f6b76-1f29-4c23-ba91-b1ba83aa23d4_1862x942.png 424w, https://substackcdn.com/image/fetch/$s_!fWhe!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F755f6b76-1f29-4c23-ba91-b1ba83aa23d4_1862x942.png 848w, https://substackcdn.com/image/fetch/$s_!fWhe!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F755f6b76-1f29-4c23-ba91-b1ba83aa23d4_1862x942.png 1272w, https://substackcdn.com/image/fetch/$s_!fWhe!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F755f6b76-1f29-4c23-ba91-b1ba83aa23d4_1862x942.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!fWhe!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F755f6b76-1f29-4c23-ba91-b1ba83aa23d4_1862x942.png" width="1456" height="737" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/755f6b76-1f29-4c23-ba91-b1ba83aa23d4_1862x942.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:737,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:3066568,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/180439792?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F755f6b76-1f29-4c23-ba91-b1ba83aa23d4_1862x942.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!fWhe!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F755f6b76-1f29-4c23-ba91-b1ba83aa23d4_1862x942.png 424w, https://substackcdn.com/image/fetch/$s_!fWhe!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F755f6b76-1f29-4c23-ba91-b1ba83aa23d4_1862x942.png 848w, https://substackcdn.com/image/fetch/$s_!fWhe!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F755f6b76-1f29-4c23-ba91-b1ba83aa23d4_1862x942.png 1272w, https://substackcdn.com/image/fetch/$s_!fWhe!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F755f6b76-1f29-4c23-ba91-b1ba83aa23d4_1862x942.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>If the Bind Shell is us trying to push our way in, the Reverse Shell is us convincing the target to &#8220;phone home.&#8221;</p><p>Instead of the attacker trying to connect to the target (which the firewall blocks), we execute a payload on the target machine that tells it to connect back to us.</p><p><strong>Why does this work?</strong></p><p>Firewalls are strict on what traffic they let in (Inbound traffic), they are usually much more relaxed about what they let out (Outbound traffic). After all, the employees inside the network need to visit websites, send emails, and download updates. The firewall assumes that traffic leaving the building is generally safe.</p><p>So, in a Reverse Shell scenario:</p><ol><li><p><strong>The Attacker</strong> sets up a &#8220;Listener&#8221; on their own machine (waiting for a call).</p></li><li><p><strong>The Target</strong> (victim) initiates the connection outbound to the attacker.</p></li><li><p><strong>The Firewall</strong> sees an employee trying to connect to the internet and lets them through.</p></li></ol><p>Sweet. We have a shell.</p><h4><strong>Let&#8217;s build.</strong> </h4><h4>As usual, I reserve the Projects for community members&#8230; come join the fun! </h4>
      <p>
          <a href="https://www.cybernotes.tech/p/hacking-project-101-reverse-shells">
              Read more
          </a>
      </p>
   ]]></content:encoded></item><item><title><![CDATA[5 x Entry Level Cloud Security Interview Questions]]></title><description><![CDATA[Unixguy Special]]></description><link>https://www.cybernotes.tech/p/5-x-entry-level-cloud-security-interview</link><guid isPermaLink="false">https://www.cybernotes.tech/p/5-x-entry-level-cloud-security-interview</guid><dc:creator><![CDATA[W J Pearce]]></dc:creator><pubDate>Sun, 30 Nov 2025 19:30:38 GMT</pubDate><enclosure url="https://substackcdn.com/image/youtube/w_728,c_limit/5bX81rSaho8" length="0" type="image/jpeg"/><content:encoded><![CDATA[<div class="captioned-image-container"><figure><a class="image-link image2" target="_blank" href="https://substackcdn.com/image/fetch/$s_!bJ33!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png" width="1344" height="256" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:256,&quot;width&quot;:1344,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:null,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:null,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:null,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!bJ33!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 424w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 848w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1272w, https://substackcdn.com/image/fetch/$s_!bJ33!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6e482ad2-4881-4ef8-8254-51c2efc38600_1344x256.png 1456w" sizes="100vw" fetchpriority="high"></picture><div></div></div></a></figure></div><p><strong>Last Issue: </strong><a href="https://www.cybernotes.tech/p/cyber-notes-is-changing">Cyber Notes is Changing&#8230;</a></p><p><strong>Next Issue:</strong> <a href="https://www.cybernotes.tech/">Hacking Project 101: Reverse Shells with Netcat</a></p><p><strong>This Issue: </strong><a href="https://www.cybernotes.tech/p/aws-security-project-sts">AWS Project: Security Token Service  &#128273; </a></p><div><hr></div><p>I recently did a collab with Abed Hamdanm or as you might know him&#8230;<strong>UnixGuy!</strong></p><div id="youtube2-5bX81rSaho8" class="youtube-wrap" data-attrs="{&quot;videoId&quot;:&quot;5bX81rSaho8&quot;,&quot;startTime&quot;:&quot;1700s&quot;,&quot;endTime&quot;:null}" data-component-name="Youtube2ToDOM"><div class="youtube-inner"><iframe src="https://www.youtube-nocookie.com/embed/5bX81rSaho8?start=1700s&amp;rel=0&amp;autoplay=0&amp;showinfo=0&amp;enablejsapi=0" frameborder="0" loading="lazy" gesture="media" allow="autoplay; fullscreen" allowautoplay="true" allowfullscreen="true" width="728" height="409"></iframe></div></div><p>Each challenge presents a key question, a common misconception (the wrong answer), and the correct, detailed explanation. Test yourself and see how well you know the fundamentals!</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!aUeB!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F67663d1d-8603-4419-a733-0c2ed3fab995_1875x1048.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!aUeB!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F67663d1d-8603-4419-a733-0c2ed3fab995_1875x1048.png 424w, https://substackcdn.com/image/fetch/$s_!aUeB!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F67663d1d-8603-4419-a733-0c2ed3fab995_1875x1048.png 848w, https://substackcdn.com/image/fetch/$s_!aUeB!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F67663d1d-8603-4419-a733-0c2ed3fab995_1875x1048.png 1272w, https://substackcdn.com/image/fetch/$s_!aUeB!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F67663d1d-8603-4419-a733-0c2ed3fab995_1875x1048.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!aUeB!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F67663d1d-8603-4419-a733-0c2ed3fab995_1875x1048.png" width="628" height="351.0934065934066" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/67663d1d-8603-4419-a733-0c2ed3fab995_1875x1048.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:814,&quot;width&quot;:1456,&quot;resizeWidth&quot;:628,&quot;bytes&quot;:1696168,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cybernotes.tech/i/179005230?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F67663d1d-8603-4419-a733-0c2ed3fab995_1875x1048.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!aUeB!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F67663d1d-8603-4419-a733-0c2ed3fab995_1875x1048.png 424w, https://substackcdn.com/image/fetch/$s_!aUeB!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F67663d1d-8603-4419-a733-0c2ed3fab995_1875x1048.png 848w, https://substackcdn.com/image/fetch/$s_!aUeB!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F67663d1d-8603-4419-a733-0c2ed3fab995_1875x1048.png 1272w, https://substackcdn.com/image/fetch/$s_!aUeB!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F67663d1d-8603-4419-a733-0c2ed3fab995_1875x1048.png 1456w" sizes="100vw"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><p>Skip to <em><strong><a href="https://www.youtube.com/watch?v=5bX81rSaho8&amp;t=1700s">29:00</a></strong></em> for my section on <em><strong>5 x Common Entry Level Cloud Security Interview Questions</strong></em></p><div><hr></div><h3><strong>Question #1: Role-Based Access Control (RBAC)</strong></h3><ul><li><p><strong>Question:</strong> &#8220;What is role-based access control and how is it implemented in a cloud platform?&#8221;</p></li><li><p>&#10060; <strong>Wrong Answer (Misconception):</strong> &#8220;RBAC means each user has their own custom role with specific permissions. That&#8217;s incorrect because RBAC is about shared, standardised roles based on job functions, not user customisation, and direct user permissions don&#8217;t scale well.&#8221;</p></li><li><p>&#9989; <strong>Correct Answer:</strong> &#8220;RBAC is a security model where permissions are assigned to roles rather than individual users, and users are then added to those roles based on their job function. In cloud platforms like AWS IAM, RBAC is implemented by creating roles such as developer, security auditor, or database administrator, assigning specific permissions to each, and then attaching users or service accounts to those roles.&#8221;</p></li></ul><div><hr></div><h3><strong>Question #2: Encryption</strong></h3><ul><li><p><strong>Question:</strong> &#8220;What&#8217;s the difference between Encryption at Rest and Encryption in Transit?&#8221;</p></li><li><p>&#10060; <strong>Wrong Answer (Misconception):</strong> &#8220;Encryption in transit is only needed for public internet traffic and not internal cloud traffic. That&#8217;s wrong because even traffic inside a cloud environment should be encrypted to prevent interception by attackers.&#8221;</p></li><li><p>&#9989; <strong>Correct Answer:</strong> &#8220;Encryption at rest protects data while it&#8217;s stored on a disk or in a database so that if someone gains access to the storage, they can&#8217;t read the data without encryption keys. Encryption in transit protects data while it&#8217;s moving between two points, such as from a user&#8217;s browser to a server or between two cloud services, preventing eavesdropping during transmission.&#8221;</p></li></ul><div><hr></div><h3><strong>Question #3: Security Groups</strong></h3><ul><li><p><strong>Question:</strong> &#8220;What is a Security Group (or Network Security Group), and how does it work in the cloud?&#8221;</p></li><li><p>&#10060; <strong>Wrong Answer (Misconception):</strong> &#8220;A security group encrypts traffic that passes through it. That&#8217;s wrong because security groups only control whether traffic is allowed or denied; they do not encrypt, decrypt, or inspect the contents of the traffic.&#8221;</p></li><li><p>&#9989; <strong>Correct Answer:</strong> &#8220;A security group is a virtual firewall that controls inbound and outbound traffic to cloud resources such as virtual machines or containers. It works by defining rules that specify which traffic is allowed based on protocol, port, and source or destination IP addresses. Security groups are stateful, meaning if inbound traffic is allowed, the return traffic is automatically allowed without needing a separate outbound rule.&#8221;</p></li></ul><div><hr></div><h3><strong>Question #4: Infrastructure as Code (IaC)</strong></h3><ul><li><p><strong>Question:</strong> &#8220;What is Infrastructure as Code (IaC) and what are the security benefits?&#8221;</p></li><li><p>&#10060; <strong>Wrong Answer (Misconception):</strong> &#8220;IaC is mainly for automation and faster deployment; it doesn&#8217;t improve security.&#8221;</p></li><li><p>&#9989; <strong>Correct Answer:</strong> &#8220;Infrastructure as Code (IaC) is the practice of managing and provisioning infrastructure through code instead of manual setup. It improves security by ensuring consistency across environments, minimising human error, enabling version control to track and review changes, and supporting automated security scanning to detect misconfigurations before deployment.&#8221;</p></li></ul><div><hr></div><h3><strong>Question #5: Secrets Management</strong></h3><ul><li><p><strong>Question:</strong> &#8220;What is the purpose of Secrets Management in a cloud-based environment?&#8221;</p></li><li><p>&#10060; <strong>Wrong Answer (Misconception):</strong> &#8220;Secrets management is just about encrypting passwords in a database.&#8221;</p></li><li><p>&#9989; <strong>Correct Answer:</strong> &#8220;Secrets management is the practice of securely storing, accessing, and managing sensitive information such as passwords, API keys, database credentials, and tokens. Its purpose is to prevent secrets from being hardcoded into application code or configuration files and instead store them in a centralised, secure location that allows automatic rotation of credentials.&#8221;</p></li></ul><div><hr></div><p><em><strong>WJPearce - Cyber Notes</strong></em></p><p><strong>Enjoyed this? </strong>Why not check out my other reads&#8230;</p><h4><strong><a href="https://wjpearce.substack.com/p/devsecops-aws-project">DevSecOps AWS Project</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/supply-chain-security-project">Supply Chain Security Project &#128230; &#9876;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/you-should-learn-aws-security-hub">You should learn AWS Security Hub CSPM</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-ultimate-docker-project">The Ultimate Docker Project&#128011;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/part-two-the-ultimate-docker-project">Part Two: The Ultimate Docker Project &#128011;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-aws-starter-pack">The AWS Starter Pack</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/easy-cloud-devops-project">Easy Cloud DevOps Project&#128295;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/new-aws-account-step-by-step-guide">New AWS Account Step-by-Step Guide&#10004;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/beginner-ai-cloud-cv-project">Beginner AI Cloud CV Project&#128221;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/sql-injection-made-simple">SQL Injection: Made Simple &#128137;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/the-ultimate-cloud-project">The Ultimate Cloud Project &#9729;&#65039;</a></strong></h4><h4><strong><a href="https://wjpearce.substack.com/p/easy-cloud-automation-project">Easy Cloud Automation Project &#9881;&#65039;</a></strong></h4>]]></content:encoded></item></channel></rss>