Originally posted over at Medium.com. Key management is a nightmare. It started with keys everywhere — then we all started sticking our keys, tokens, and break-glass passwords into a vault or password manager and rotating them accordingly. Storing secrets has become a business — but how do you manage AWS Read more…
This is a how-to for building simple sites in Flask. If you want a quick personal blog, I’d recommend deploying a pre-built WordPress instance on Google Cloud or AWS. In my case, I wanted to get a little more experience with Flask and general web development, so I built a Read more…
A small project to identify bot/malicious Steam accounts. The problem For context, Steam is a gaming marketplace serving 90M users. Users tie DRM games, in-game items, and digital currency to their accounts. Automated phishing of accounts via other steam profiles hasn’t so much been a rising, but persistent issue for Read more…
For those of you without off-the-shelf vulnerability scanners, try this simple bash script to detect libssh servers in your environment. Download: libssh_finder.sh # Specify which ports to check for SSH servers for port in 22 2022 2222 do # Substitute your target subnets and hosts for ip in 192.168.{0..10}.{0.255} do Read more…
Overview Here are some examples for how to tunnel via SSH and pivot within a network. Hopefully this clears up any questions you might have. If you just want the syntax for SSH tunneling; here you go: The goal of SSH tunneling is to send your traffic through a proxy Read more…
Steps 1. Add a webhook to your Slack team. 2. Create your AIE alarm with fields that you want to pass to your webhook. 3. Create a powershell script accepting the fields as parameters: 4. Create the actions.xml manifest with the same parameters/fields: 5. Create your SmartResponse Plugin using the Read more…
Here is a LogRhythm regex parser that I use for F5 WAF syslog violations. This is for the actual WAF violations, not the L7 DDoS logs. Some of the tags are LogRhythm specific, but this can be easily modified for whatever SIEM you’d like. The LogRhythm field tags that I Read more…