Pi + Emacs = 🤝 In my last blog post I wrote about the need to integrate Pi into Emacs. Normally, this would be a trivial task since most AI Coding Agents have some straightforward integrations with Emacs. The issue I ran into was the majority of my daily applications and tools are in containers. I took the same idea I had for my security containers and resued it for Pi. Read more...

How I started - Opencode with Gemini I had learned about AI agents early on but dismissed it since I had no real use for them at the time. This all changed with the introduction of Opencode and REMnux MCP in the last version of REMnux. I have been a user of REMnux and talked about it several times on this blog. Luckily, the learning curve of Opencode and REMnux MCP was steep enough to keep me interested in the technlogy. Read more...

Utilizing Agents with REMnux AI In the last blog post I took a quick look at REMnux MCP server. Under the hood the MCP server uses Opencode to function as it’s MCP server. Upon further research I found Opencode has the ability to run custom “AI Agents”. With Agents you can have a customized workflow and have the LLM do specific (repetitive) work. This spark my interest since there is a huge time saving benefit if I could “hand off” a simpler part of my analysis tasks. Read more...

REMnux MCP Server The security focused Linux distro REMnux announced the availability of “REMnux MCP Server”. Which uses/Opencode/ to run agents on REMnux for various analysis tasks. After hearing of this announcement I was immediately excited to try it. So let’s have a quick look. Starting AI in REMnux I decided to download the container version of REMnux since I used to a container workflow. Once downloaded I used the following command to start the container. Read more...

Portable, Reusable Containers. I enjoy creating a bunch of containers for various uses. The best part is I can create a container to fit my workflow. So my tool stack become malleable and manageable. I can create, rebuild, and destroy containers as my needs require. Granted disk space and time are always a concern. But I resolve that by being intentional with my tool stack. Day to Day Toolbox Container I use Fedora Linux as my workstation OS on a daily basis. Read more...

The Art of Note Taking I was talking about building the habit of taking notes to a junior analyst the other day. I was sharing with them the importance of simply writing things down and then converting them to notes. Basically build the habit of note taking. Later I realized I forgot to teach them The Real Note Taking Hack. This hack is simple and summed up in one word: introspection. Read more...

BSIDES RGV 2025 Quick, Easy, Malware Investigations and Threat Hunting About Me Hi! I’m Eduardo Robles I work for County of Hidalgo IT dept as a Cybersecurity Analyst IV Founder of South Texas Linux Users Group. You can check out my skills on my blog or LinkedIn. Agenda Learn the basics of Malware Analysis Learn some Threat Hunting skills Small look into Digital Forensics Disclaimer Everything in this talk is my own research and opinion. Read more...

Local LLMs In Your Homelab Why experiment with LLM technology in the first place? Well simple because it’s everywhere and huge tech companies will shove it our faces every chance they get! In all seriousness, it’s actually never been easier to experiment with these Models even on low end hardware. Yes, you can experiment with LLMs by running them on a single CPU and decent RAM. Let me show you how I did it. Read more...

What is Cyberchef? Cyberchef is a tool I learned about toward the end of 2024. Since then I began using it more and more. CyberChef was developed by GCHQ and is the Cyber Swiss Army Knife web app for encryption, encoding, compression and data analysis. In the end it proved to extremely useful for Forensic Analysis and Incident Response investigations. You can use the free version online but if you want to run it in your environment you can. Read more...

Bsides Austin 2024 This is my talk for BSIDES Austin 2024 Malware Investigations Why do internal malware analysis? Existing tools Virustotal, JoeSandbox, etc. Protect sensitive information from 3rd parties. Freedom from reliance on one tool or platform. Malware is scary and dangerous, put in a box (container). Malware is scary. Malware is dangerous. So it’s best to analyze in a “contained” environment. Virtual Machines Containers (Docker, Podman, etc) Working with Malware Samples Safely moving malware around to later analyze can be daunting. Read more...