https://favas.is-a.dev/Recent content on Mohammad Favas S | PortfolioHugoen-usFri, 24 Apr 2026 10:00:00 +0530https://favas.is-a.dev/writeups/linux-hardening/Fri, 24 Apr 2026 10:00:00 +0530https://favas.is-a.dev/writeups/linux-hardening/<h1 id="linux-infrastructure-hardening-and-siem-orchestration">Linux Infrastructure Hardening and SIEM Orchestration</h1> <p><strong>Compliance status:</strong> <code>83%</code><br> <strong>Starting baseline:</strong> <code>26%</code><br> <strong>Framework:</strong> CIS Arch Linux Benchmark<br> <strong>Environment:</strong> Arch Linux security lab with Wazuh-based monitoring</p> <hr> <h2 id="1-executive-summary">1. Executive Summary</h2> <p>This project documents the hardening of a newly deployed Arch Linux system using CIS-aligned controls and centralized monitoring through Wazuh. The goal was not only to raise the benchmark score, but to build a host that was easier to audit, harder to misuse, and capable of producing actionable security telemetry.</p>https://favas.is-a.dev/writeups/peelr/Wed, 01 Apr 2026 10:00:00 +0530https://favas.is-a.dev/writeups/peelr/<h2 id="why-peelr">Why Peelr</h2> <p>Modern targets ship huge bundles, vendor blobs, and frontend code paths nobody wants to read line by line. Peelr cuts that down by combining regex-based detection with lightweight token-level flow correlation, confidence scoring, and per-file risk scoring.</p> <p>It is designed for:</p> <ul> <li>Bug bounty recon</li> <li>Web app security reviews</li> <li>Triage during content discovery</li> <li>Repeat scans against changing targets</li> <li>Fast CLI pipelines with minimal setup</li> </ul> <p>It is not trying to be a full static analysis framework. It is trying to be fast, useful, and easy to drop into real recon.</p>