Sign in Subscribe

Tim Wilkes

Tim Wilkes is a UK-based Enterprise Architect with over 25 years of experience in electronics, Linux, Security, and Unix systems administration.

My "Weird" Path to Infosec

Originally published on the Manchester Greyhats Blog on 2018-03-09 by

PHP Malware Examination Part 2

A deep dive into obfuscated PHP malware reveals a multi-class backdoor using XOR/Base64 decoding, remote command execution, and SEO spam generation. By unpacking its structure, we uncover hidden C2 communication, template injection, and keyword-driven sitemap abuse.

PHP Malware Examination

A real-world PHP malware analysis walkthrough. Starting with an obfuscated sample, this post peels back XOR encoding, character substitution, and hidden payloads to reveal a backdoor. Learn practical techniques for safely analysing and understanding malicious PHP code step by step.

🔄 Automatically Update Paperless-ngx with a Webhook (Portainer + Home Assistant)

Automate updates for your Paperless-ngx stack using Portainer webhooks and Home Assistant. This guide shows how to trigger container updates via REST commands for a fully hands-free, self-hosted document management system.

🔋 Stop Killing Your Laptop Battery: Automate Charging with Home Assistant

Stop overcharging your laptop and extend battery lifespan with Home Assistant automation. Use a smart plug, webhook triggers, and simple scripts to control charging between safe thresholds and protect your device long-term.

🌐 Clear Web vs Deep Web vs Dark Web: What’s the Real Difference?

The internet isn’t just what you see in your

Monitor Your Ghost Blog with the Home Assistant Ghost Integration

Home Assistant now includes a native Ghost integration, allowing you to monitor your blog directly from your smart home dashboard. Learn how to connect your Ghost site, fix the common API error, and create useful automations like alerts for low scheduled posts.

How to Store Secrets Securely in Kestra Using an Encoded .env File

Protect your automation workflows by encoding secrets before loading them into Kestra. This tutorial shows how to convert a .env file into base64-encoded secrets using Bash and safely inject SSH keys and credentials into your flows.

Automated pfSense Git Backups with Kestra (config.xml Version Control)

Protect your firewall by automatically backing up your pfSense config.xml file using Kestra. This tutorial shows how to securely pull the configuration and push it to GitLab on a schedule with full version control and disaster recovery readiness.

How to Automatically Backup Kestra to GitLab (Step-by-Step Guide)

Protect your Kestra workflows from data loss with automated Git-based backups. This step-by-step guide shows how to schedule namespace and flow backups to GitLab using built-in plugins, secrets, and cron triggers.