Posts

2025


YAMS

YAMS (Yet Another Memory System) started as a practical need: I wanted a dead-simple way to store and retrieve files, snippets, and research for LLM-driven workflows — without losing context between sessions. What I use daily is now ready to share.
Note: YAMS is v0.7.x - experimental software under active development, not yet production-ready.
Updated docs (2025-10-13):
Site: https://yamsmemory.ai
CLI: https://yamsmemory.ai/user_guide/cli/
MCP server: https://yamsmemory.ai/user_guide/mcp/
Deployment: https://yamsmemory.ai/operations/deployment/
Why YAMS?
Persistent memory for LLMs and tools
Content-addressed storage (SHA-256) with block-level deduplication (Rabin)
Compression (zstd/LZMA), crash safety (WAL)
Fast search: SQLite FTS5 and semantic vector search
Simple CLI and TUI; MCP server for Claude/Desktop and other MCP clients
Now with alpha plugin support
Quick install
Docker:
·7 mins

Following Up On Entity Extraction In Umbrix

So I wanted to post a follow-up to my previous introduction to the Umbrix platform, where I was using DSPy for entity extraction in cyber threat intelligence. If you missed that, you can find it here. This recap comes a week after I launched the platform. Two days into getting Umbrix running optimally, I started running into many problems. I have been extracting a significant volume of entities, relationships, and nodes from my agents to populate in the graph. However, I quickly realized my system was burning through resources - both in terms of rate limits and agent costs.
·5 mins

Leveraging Google ADK For Cyber Intelligence

Over the past month, I’ve been working on a project for the Google ADK agent hackathon. This post provides an overview of my current multi-agent system, used for threat intelligence gathering, processing, and analysis. The motivation for Umbrix emerged when I was using a small language model to find A LOT of pcaps. I was attempting to seed the model with instructions on how to Google dork, and fed it search terms to expand and find publicly reachable network security datasets. From that experiment, it dawned on me that there are many interesting applications for LLMs. From there, timing and motivation were on my side. I set out to build this system with a simple thesis: if the future is truly agentic, there are small building blocks and systems that need to be built to efficiently gather and organize sources into a graph. From here I set out to design / vibe-code a system able to improve how we fundamentally access information from security feeds by creating agents to efficiently gather and organize sources into a graph.
·8 mins

2024


Notes On 5G Networks And Attacks

Abbreviations Used
IMSI: International mobile subscriber identity
RAN: Radio area network
NGAP: Next-Generation Application Protocol
GTP-U: GPRS tunneling protocol user plane
I found it convenient to document and order 5G network attacks that I have come across in my ongoing research. I am writing this post as both a reference and a tool to focus on the bigger picture of 5G network security. I approach this work from both a network security and a security perspective, as I have relatively little knowledge of what is required to be a telecom operator. If there are any places where corrections are necessary, feel free to email me or contact me on my socials. Like other posts on this site, this will be a living document until it’s completed.
·6 mins

2023


Using FreeBSD As A Server

I have used FreeBSD as a server on and off for a couple of years. After recently corrupting a research server running Ubuntu server, I found it imperative to migrate back to FreeBSD, set up ZFS snapshots and segment hosted services using the system's native hypervisor to improve my system's recoverability. If you have not checked out sanoid, I would highly recommend it. This post has been developed to capture that process and point to helpful resources that I have found along the way.
·4 mins

DNS Tunneling And In The Wild Attribution

Disclaimer: This post is being actively updated. Updates are tracked at the bottom of this post.
Disclaimer: Much of the information is compiled from my learning and online sources. Please be sure to double-check claims and references if you plan to use them.
Table of Contents
Introduction
Advanced Threats
Active Research
References
Updates
What is DNS Tunneling
DNS tunneling is a technique used to evade network security controls. Attackers use the DNS protocol to hide data in DNS requests, and open source tools use it to let users circumvent paid hotel Wi-Fi access control. The DNS protocol, defined in RFC 1034 and RFC 1035, was established to facilitate the naming of network resources and has since been used in a wide variety of applications and, more recently, protocol abuses. A deeper dive into the DNS system can be found in this Cloudflare blog.
·6 mins

BSIDES Charlotte Presentation Recap

slides - video presentation
Table of Contents
Introduction
Mitigations and Trends
Trends in Security Software
In-Network Security
Reflections
Introduction
This presentation attempts to provide a quick and simple introduction to the next generation of technologies that will help secure the networks of tomorrow. I believe this topic is important, especially in the age of AI, because all technological stacks need to be improved with security principles in mind and not as second considerations. We are at an inflection point, with software defined networking (SDN) technology maturing and preparing for the inclusion of more automated systems and verification technologies. If you are interested in any of those briefly referenced topics, please read on.
·4 mins

Carolina Con Talk 1

Deconstructing Firewalls
Disclaimer: This post is being actively updated. Please check back for additional links.
slides - video presentation
Table of Contents
What is a firewall
Firewall Architectures
Newer Technology
Takeaways
This presentation provides a general overview of the past implementations of firewalls, a modern perspective, and a forward look at what they can become. In this blog post, I will fill in any gaps in the presentation with references and helpful commentary. If you find this post useful, feel free to reach out to me at me[@]manta.black.
·5 mins

2020


Wireguard in a FreeBSD Jail

I spent the better part of my Friday night reinstalling my NAS server for homelab purposes. Through this experience, I found I wanted to capture what I learned and where I found answers for archiving purposes. I found many answers online that either didn’t work for me or called for a different type of implementation. I link some notable guides and threads in the reference section below.
Setup
Wireguard is pretty simple and straightforward to install on any Unix system. If you have any questions or see a place where an update should be made, send me an email or contact me on keybase.
·2 mins

2019


A Brief Recap of my BSides Charlotte Presentation

At the conclusion of BSides Charlotte 2019, I realized that I would need to provide a bit more information in regards to the content that was covered in my slides, especially for those who were unable to attend. The purpose of this post is to highlight those ideas relative to the presentation and to get any feedback from those interested in this area of research.
How can one give an overview of the advancements in Computer Systems Defense and what is the scope of the systems that we are trying to defend?
Initially, I thought large enterprise networks or data centers were the only areas where the composition of system and network design would require a drastic reduction in complexity by increasing autonomy, so I sought to find solutions fitting into that scope. Realistically, the optimal goal of systems defense should exhibit the following features:
·5 mins