diff --git a/content/posts/commits/2026-04-09-commit-1f2d521.md b/content/posts/commits/2026-04-09-commit-1f2d521.md new file mode 100644 index 0000000..f484324 --- /dev/null +++ b/content/posts/commits/2026-04-09-commit-1f2d521.md @@ -0,0 +1,46 @@ +--- +title: "[bojemoi] feat(opsec-check): +3 phases — DNS empreinte, segmentation pivot, iptables" +date: 2026-04-09T22:01:00+02:00 +draft: false +tags: ["commit", "bojemoi", "main"] +categories: ["Git Activity"] +summary: "Commit 1f2d521 par Betty dans bojemoi" +author: "Betty" +--- + +## Commit `1f2d521` + +| | | +|---|---| +| **Repository** | bojemoi | +| **Branch** | `main` | +| **Author** | Betty | +| **Hash** | `1f2d52187073118c7ef0a4b4b84cf2449db75128` | + + +### Description + +Phase 7 (dns): PTR inverse, crt.sh Certificate Transparency (détecter lien +cert entre C2 et labo), WHOIS privacy check +Phase 8 (segmentation): pivot latéral depuis borodino_ak47 — tente grafana, +gitea, traefik, prometheus; vérifie que postgres/redis/faraday restent joignables +Phase 9 (iptables): audit DOCKER-USER + FORWARD sur les 4 nœuds Swarm via SSH + +Fix phase 3 (scan): borodino_scan_net n'est pas attachable directement — +exec depuis container ak47 existant via SSH sur le nœud worker +Fix ProtonVPN detection: accept anapaya/proton orgs (exit IP varie selon serveur) + +Co-Authored-By: Claude Sonnet 4.6 + +### Files Changed + +``` +M .claude/commands/opsec-check.md +``` + +### Diff Summary + +``` + .claude/commands/opsec-check.md | 157 +++++++++++++++++++++++++++++++++++++--- + 1 file changed, 146 insertions(+), 11 deletions(-) +```
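Review bot: the Description section of this new post, which the front matter publishes with `draft: false`, copies the commit message body verbatim, including internal container and service names (`borodino_ak47`, `borodino_scan_net`, grafana, gitea, traefik, prometheus, postgres/redis/faraday), the fact that four Swarm nodes are audited over SSH, and the VPN exit organisations the check accepts. If this site is served publicly, that discloses lab topology details in a post about an opsec check; consider limiting the Description to the subject line, or defaulting to `draft: true` for commits that touch `.claude/commands/opsec-check.md`. Separately, the message body is pasted as bare text, so Markdown will merge the Phase 7, 8 and 9 lines and the two Fix lines into run-on paragraphs; rendering the body as a list or a preformatted block would preserve the original line breaks. The `title` and `summary` fields also mix French and English ("Commit 1f2d521 par Betty dans bojemoi"), which is worth settling on one language for if the rest of the site does.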