---
title: "[bojemoi] feat(opsec-check): +3 phases — DNS empreinte, segmentation pivot, iptables"
date: 2026-04-09T22:01:00+02:00
draft: false
tags: ["commit", "bojemoi", "main"]
categories: ["Git Activity"]
summary: "Commit 1f2d521 par Betty dans bojemoi"
author: "Betty"
---

## Commit `1f2d521`

| | |
|---|---|
| **Repository** | bojemoi |
| **Branch** | `main` |
| **Author** | Betty |
| **Hash** | `1f2d52187073118c7ef0a4b4b84cf2449db75128` |


### Description

Phase 7 (dns): PTR inverse, crt.sh Certificate Transparency (détecter lien
cert entre C2 et labo), WHOIS privacy check
Phase 8 (segmentation): pivot latéral depuis borodino_ak47 — tente grafana,
gitea, traefik, prometheus; vérifie que postgres/redis/faraday restent joignables
Phase 9 (iptables): audit DOCKER-USER + FORWARD sur les 4 nœuds Swarm via SSH

Fix phase 3 (scan): borodino_scan_net n'est pas attachable directement —
exec depuis container ak47 existant via SSH sur le nœud worker
Fix ProtonVPN detection: accept anapaya/proton orgs (exit IP varie selon serveur)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

### Files Changed

```
M	.claude/commands/opsec-check.md
```

### Diff Summary

```
 .claude/commands/opsec-check.md | 157 +++++++++++++++++++++++++++++++++++++---
 1 file changed, 146 insertions(+), 11 deletions(-)
```