# OpSec
Some quick notes on operational security when deploying infrastructure. I'll dive deeper into these and refine this section further in the future.
1. If utilizing a dropbox with Kali Linux installed, ensure that you have removed both the Kali and Metasploit repositories from `sources`.
1. Reaching out to either of these domains is easily alerted on.
2. Ensure the hostname is not suspicious upon connecting to the network.
3. Ensure that running a command such as `apt-get` results in expected repositories such as Ubuntu or Debian being called (this will depend on the network and systems in use).
4. Install all tooling and verify it is working as expected prior to deploying a machine on the network. (You don't want to be fighting dependencies after planting the machine).
5. Type redacted commands to teammates over secure communications prior to running.
1. This will ensure that you can run/chain attacks together faster.
2. This will also ensure that you or a teammate may catch any typos in the command.
6. If possible, ensure that full disk encryption is enabled on the dropbox. Otherwise, ensure that no sensitive information is stored on the system in the event that it is burned.
### References
{% embed url="" %}
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://ttp.parzival.sh/red-teaming/offensive-infrastructure/opsec.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.