desvert's blog
I'm a commercial HVAC technician transitioning into IT and OT security. This blog documents the work: building lab tools for network forensics and OT protocol analysis, experimenting with AI-assisted SOC workflows, and occasionally running a small service the right way just to see what that takes.
Selected Projects
- netparse
  MCP server for network forensics. Parses saved PCAPs with tshark and returns structured data for LLM-assisted triage.
- otparse
  MCP server for OT/ICS PCAP analysis. Parses Modbus/TCP and BACnet/IP traffic and returns structured JSON for LLM analysis.
- mcp-test-env
  Docker Compose lab that generates realistic attack traffic using Metasploitable2, automated exploitation, and packet capture sensors.
- OT HVAC Testbed
  HVAC control and instrumentation testbed for exploring real-world OT/ICS concepts.
Posts
- Homelab 3: Adding the Catalyst – May 5, 2026
- Homelab 2: First Services Up – Apr 30, 2026
- Homelab 1: Taking Control – Apr 26, 2026
- Home Server Recovery: When a Simple Reboot Took Everything Down – Mar 24, 2026
- Building a Self-Contained Attack Simulation Lab with Docker and Claude Code – Mar 18, 2026
- otparse: An MCP Server for OT/ICS PCAP Analysis – Mar 12, 2026
- Building a Personal Knowledge Processor with MCP and Claude Code – Mar 10, 2026
- Building an AI-Assisted SOC Triage Lab with Claude, MCP, and Docker – Mar 4, 2026
- Running a Small Service Like It Matters – Dec 28, 2025
- Phase 2: Building the Primary HVAC Controller – Dec 17, 2025
- Desktop HVAC Lab Phase 1.5 - Bringing the CO2 Sensor to Life – Dec 8, 2025
- Desktop HVAC Lab - Phase 1 – Nov 26, 2025
- Detecting a Brute-Force SSH Attack Using System Logs – Jul 3, 2025
- Hack The Box: 2Million - A Narrative Walkthrough – Jul 3, 2025
- Exploiting a Siemens S7 PLC Using Modbus and Python – Jul 1, 2025
- Pwnable.kr - flag – May 28, 2025
- Pwnable.kr - col – May 27, 2025
- OverTheWire - narnia0 – Apr 5, 2025