EO Short Description (2–3 lines): Graham Helton is a security-focused engineer and writer covering Kubernetes security, offensive security research, and infrastructure internals. His blogs and notes explore real-world attack paths, cloud and container security, Linux systems, and practical lessons from red team and defensive work.
35 articles from this blog
An update on using Obsidian for knowledge management, focusing on vault structure, custom plugins, and AI integration for cybersecurity research.
Analysis of Anthropic's Mythos model, Vercel breach, and AI red teaming, plus Claude Code's new cyber content restrictions.
Explores the rapid pace of AI advancement, comparing it to cloud computing, and warns that falling behind in AI skills is a professional risk.
A developer documents converting a van into a mobile homelab with a Kubernetes cluster, solar power, and remote work setup.
A developer builds a custom Obsidian publishing pipeline with check, build, and deploy steps for a static site generator.
Explains how nodes/proxy GET permissions in Kubernetes can be exploited for remote code execution, detailing the vulnerability and affected Helm charts.
A technical demonstration of how UBlock Origin's custom script feature can be exploited for malicious purposes like cookie theft and clipboard monitoring.
A developer tests Crush, a new TUI-based AI coding agent from Charm, using it to generate dynamic OpenGraph images and modify a Neovim configuration.
A developer's journey to find a reliable hardware KVM solution for switching peripherals between a MacBook and a Linux desktop, detailing the setup and remaining issues.
A developer details technical updates to their personal website, including migration to Git, build script refactoring, and new content utilities.
A software engineer shares practical guidelines for starting a new tech role, covering documentation, tools, habits, and work-life balance.
A technical guide on using HashiCorp Packer to create secure, consistent machine images (gold images) on Google Cloud Platform (GCP).
A guide to navigating different netcat versions (OpenBSD, Traditional, Ncat) for CTFs and reverse shells, highlighting key syntax differences and pitfalls.
Explores a Linux user-land persistence technique using D-Bus to execute code without root access, targeting desktop environments.
A curated list of RSS feeds for offensive security (Offsec) blogs and resources, with tips on using an RSS reader like Feedbin.
Explains the nuanced differences between privileged pods and host namespace sharing in Kubernetes, clarifying common misconceptions.
Explores the distinction between informal 'notes' for quick sharing and formal 'blogs' for polished writing in tech content creation.
A penetration tester demonstrates AI security risks by having an AI generate stealthy malicious code for a proof-of-concept backdoor.
Estimates Kubernetes audit log volume at ~1GB/day for a minimal 2-node cluster using basic metadata-level logging.
A framework for evaluating work based on Expertise, Purpose, Fun, and Difficulty, with examples from Kubernetes security.
