Category Archives: Uncategorized

This week I was having an annoying issue trying to use the requests library from Python – my corporate proxy is doing SSL inspection and HTTPS traffic was failing due to SSL errors. After some googling, troubleshooting, and head-smashing – I found a solution. That should be it! From here on you can test withContinue reading “Adding a Proxy Certificate in Windows Subsystem for Linux”

This was a really great book that helped me understand quite a bit more about the problems faced by the US government intelligence community. The book does a deep dive into the history of the IC and discusses some of the successes and failures that the IC has had throughout history. Backed by nearly 30Continue reading “Spies, Lies, and Algorithms: The History and Future of American Intelligence by Amy B Zegart”

I just finished The Lazarus Heist by Geoff White I loved the book. It was a great supplement to the podcast by the same author and of the same title. The audiobook is read by the author which really adds that additional element in an audiobook. The content is additive to the podcast but not aContinue reading “The Lazarus Heist by Geoff White“

The book begins by discussing the origins of Zero Day markets and follows the author’s journey into discovering exactly who is buying and who is selling these bugs and exploits. This is a narrative-driven piece that focuses both on the individuals that Perlroth interviews and intertwines their stories with the historical events of the so-calledContinue reading “This Is How They Tell Me the World Ends (The Cyberweapons Arms Race) – Nicole Perlroth”

I chose to use an ELK stack for ease of use (lol). In actuality ELK is free and has a lot of configurations available. I don’t love it and would rather use Splunk or something else – but it is good practice and it works fine. I might build something like Security Onion on topContinue reading “Home Lab – SIEM”

All of the readers of this blog – and by that I mean myself only – know that I recently moved to a new home. After lugging my server rack across the country, I had to take the time to assemble everything and to do it a little better this time. First comes the wiring.Continue reading “Home Lab – Networking”

Enumeration: NMAP: Enum4Linux: Nikto: Dirb: Outputted a long text file but the only thing interesting is that there http://love.htb/admin/ was available – this is useful later Getting Foothold: The enumeration stage revealed 2 interesting tidbits: staging.love.htb is a valid subdomain love.htb/admin/ is apparently an admin login port 5000 was open So naturally the first stepContinue reading “HackTheBox – Love”

For my Software Security class we were given the task of remediating vulnerabilities in the OWASP Wacko Picko web server. This is an intentionally vulnerable and broken web server with quite a few intentionally bad bits of code. The code for this box can be found here:https://github.com/adamdoupe/WackoPicko Problems Session ID Vulnerability Definitions [https://cwe.mitre.org/data/definitions/384.html] This vulnerabilityContinue reading “Remediating OWASP Vulnerabilities”

This is a write-up I did after working through this CTF: https://tryhackme.com/room/attacktivedirectory Tools: Impacket:Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols (e.g. SMB1-3 and MSRPC) the protocol implementation itself. Packets can be constructed from scratch, asContinue reading “TryHackMe – Attactive Directory”

This is a simple script I wrote today to send an email when a specific service is no longer running. I’ve been having issues with Veeam randomly stopping the SQL service and I built this to send, on a scheduled task, a message via Google’s open SMTP and an app password on my MFA protectedContinue reading “Simple Powershell Scripts pt.2”