Faruk

Faruk @cyberwebpen

About: InfoSec Analyst | 10+ yrs in DLP, CrowdStrike, QRadar, Qualys, Linux Admin, WebLogic Admin | Python & Bash Enthusiast | Passionate about cybersecurity, automation, and continuous learning.

Faruk @cyberwebpen

Faruk articles - 81 total

The First 24 Hours After a Linux Breach — My Incident Response Playbook | by Faruk Ahmed | nextgenthreat | Aug, 2025

Why I Never Trust Default Linux User Accounts (And Neither Should You) | by Faruk Ahmed | Aug, 2025 | AWS in Plain English

Why I Use Read-Only Partitions on My Linux Servers (And You Should Too) | by Faruk Ahmed | Aug, 2025

The Hidden Risks of SSH Agent Forwarding (And How I Avoid Them) | by Faruk Ahmed | Aug, 2025

Why I Run Multiple SSH Keys Instead of Just One | by Faruk Ahmed | Aug, 2025

What I Do the Moment I Suspect My Ubuntu Server Has Been Compromised | by Faruk Ahmed | Aug, 2025

The One Linux Security Habit That Exposes You — And How I Fixed It | by Faruk Ahmed | Aug, 2025

Immutable Infrastructure on Linux: Why I Don’t Modify Servers After Deployment | by Faruk Ahmed | Aug, 2025

How I Hunt for Silent Rootkits on Linux (Before They Hunt Me) | by Faruk Ahmed | Aug, 2025

Why I No Longer Trust “Secure by Default” in Linux Server Installs | by Faruk Ahmed | Jul, 2025

Why You Should Never Trust Default Configurations on a Fresh Linux Install | by Faruk Ahmed | Jul, 2025

The Ultimate Fusion: Linux, Ubuntu, and Cybersecurity | by Faruk Ahmed | Jun, 2025

The Linux Service That Almost Let Attackers Slip In (And How I Found It Just in Time) | by Faruk Ahmed | Jun, 2025

How I Use aide to Detect Unauthorized Changes on My Linux and Ubuntu Servers | by Faruk Ahmed | Jul, 2025

How I Harden My Linux Server in 30 Minutes After Every Fresh Install (Ubuntu & Red Hat) | by Faruk Ahmed | Jul, 2025

How I Found a Hidden Reverse Shell Running as www-data (And What I Did About It) | by Faruk Ahmed | Jul, 2025

How I Found a Hidden Backdoor User Account on My Ubuntu Server (And What I Did About It) | by Faruk Ahmed | Jun, 2025

7 Things I Check Immediately After Logging Into a Linux Server I Didn’t Set Up | by Faruk Ahmed | Jul, 2025

7 Hidden Backdoors I’ve Found on Compromised Linux Servers (And How to Remove Them) | by Faruk Ahmed | Jul, 2025

Why I Set Email Alerts for Every New User Added to My Linux Server (And How You Can Too) | by Faruk Ahmed | Jul, 2025

Why I Always Check /etc/sudoers.d on a Compromised Linux Server | by Faruk Ahmed | Jun, 2025

What I Check Every Week to Keep My Linux Servers Safe and Stable | by Faruk Ahmed | Jul, 2025

The Linux Rootkit That Hid in Plain Sight: How I Finally Detected It | by Faruk Ahmed | Jun, 2025

How I Use netstat and ss to Catch Suspicious Connections on Linux | by Faruk Ahmed | Jul, 2025

How a Controlled Breach Test Helped Me Harden My Linux Server Instantly | by Faruk Ahmed | Jun, 2025

Why I Never Trust Pre-Installed Packages on Linux or Ubuntu Servers | by Faruk Ahmed | Jun, 2025

Why I Check for Hidden Processes Every Week on My Linux Servers (And You Should Too) | by Faruk Ahmed | Jun, 2025

How I Found an Unknown Cron Job Mining Crypto on My Ubuntu Server | by Faruk Ahmed | Jun, 2025

7 CIS Security Best Practices I Apply on Every Linux Server I Set Up | by Faruk Ahmed | Jun, 2025

How I Use auditd to Catch Hidden Changes on My Linux Server | by Faruk Ahmed | Jun, 2025

Faruk
articles - 81 total