amit.nepal:~$ whoami

Notes from the command line.

Field notes, how-tos, and deep writeups on Linux, infrastructure, and offensive security from a 25-year practitioner.

Subscribe — it's free →Read the blog

CISSPCISMOSCPGRTPRHCE

Amit Nepal: ~

amitnepal:~$ cat ./about.txt

role : Security Engineer · Linux & Infrastructure · Offensive Security

focus : offsec · infra · hardening

exp : 25 years, still learning

location : United States

amitnepal:~$ ls ./topics/

linux/ offsec/ infra/ blue-team/ ai/

amitnepal:~$

articles published

25y

in the field

9.2k

subscribers

active certifications

Featured

Latest deep dive

all posts →

AI & AgentsJun 1, 2026 · 1 min read

Securing AI Systems: Hardening Your LLM Infrastructure

Production LLM deployments have a distinct attack surface most teams aren't thinking about. Here's how to harden every layer: model, prompt, tools, retrieval, and output.

hardening supply-chain prompt-injection llm-security

Read the writeup →

Browse by topic

Five things I write about

all tags →

Offensive Security

Pentest methodology, privesc, AD attacks, CTF and research writeups.

6 posts

Linux

Hardening, systemd, SELinux, the shell, and 25 years of muscle memory.

6 posts

Infrastructure

Kubernetes, IaC, networking, observability and keeping it all running.

6 posts

Blue Team

Detection engineering, logging, incident response and threat hunting.

6 posts

AI & Agents

Offensive AI, defensive AI, autonomous agents, and LLM security.

10 posts

Recent

Fresh from the terminal

view all →

AI & Agents

AI & Agents·Jun 1

AI-Powered Reconnaissance: OSINT Automation with Language Models

AI compresses OSINT from days to hours — and finds connections human analysts miss. Here's the pipeline, the tools, and the opsec considerations.

automation red-team osint

AI & Agents

AI & Agents·Jun 1

Agentic AI in the SOC: From Alert Queue to Autonomous Response

Agentic AI in the SOC: from triage automation to autonomous containment. Here's what works, how to measure it, and the governance layer you cannot skip.

automation incident-response detection

AI & Agents

AI & Agents·Jun 1

LLM Security: Prompt Injection, Jailbreaks, and Model Attacks

Prompt injection is the SQL injection of AI applications. Here's how to test for it, the indirect variants via RAG, and defenses that actually work.

prompt-injection llm-security jailbreak

Free newsletter

Get new writeups in your inbox

No spam, no fluff. One email when I publish something worth your time.