computers InsightVM (Nexpose) Slack Bot Link to the repo at the bottom... Precursor to this post: https://ratil.life/slackbots-for-fun-and-profit/ [https://ratil.life/slackbots-for-fun-and-profit/] A few months back I decided to find a way to lighten the load of ad hoc vulnerability scanning requests by our system owners. One of our biggest time sucks was
computers Timestamp Keyboard Shortcut In gedit I do not know why this was such a hard problem to find a solution to given that the solution I arrived at was extremely simple. On multiple teams I work with, we have a need to take timestamped notes of our actions. Often we are operating on locked down
computers Testing With Python: First-Timer Perspective Certainly nothing groundbreaking here, just my experience diving into the world of code testing. Code Testing Any book, blog, or article about software development is going to tell you that you should always write tests for your code. Even more so, you should write the tests before you ever even
computers Hack The Box - Bashed Bashed: Retired 28 April 2018 If you are interested in learning more about penetration testing, Hack the Box is a great way to get your feet wet in a legal and well built environment. Head over to hackthebox.eu [https://hackthebox.eu] to get started. Bashed was one of the
computers SANS SEC660 - Advanced Penetration Testing, Exploit Writing, and Ethical Hacking UPDATE: I took my exam and PASSED! I felt that the actual exam was a bit harder than the practice tests but I also get my best score out of the three. The material covered in class is great but you really have to have read the text in the
computers Hack The Box - Sense Sense: Retired 24 March 2018 If you are interested in learning more about penetration testing, Hack the Box is a great way to get your feet wet in a legal and well built environment. Head over to hackthebox.eu [https://hackthebox.eu] to get started. Sense was an easier box
computers Slackbots for Fun and Profit This is the general process/flow for creating Slack integrations, nothing groundbreaking here, just wanting to consolidate the info that I used when building bots. In the future (once I get approval) I will publish the details of a bot in Ruby and a slash command in Python. Bot/Slash
computers New NAS and Backup Strategy I finally got a NAS (Synology DS216se) for the house to keep our photos and other important files safe. I was starting to get really nervous about losing data both on the home computer and this server as well. The new NAS required a good backup strategy. I really wanted
computers Cloudflare - Free Tier While researching ways to improve the speed of this website, I recently found out that Cloudflare offers a free tier of service to personal websites and blogs. Everything I read made this seem like a pretty easy move and the benefits of increased security, speed, and DOS protection seemed like
computers Hack The Box - Mirai Mirai: Retired 10 Feb 2018 If you are interested in learning more about penetration testing, Hack the Box is a great way to get your feet wet in a legal and well built environment. Head over to hackthebox.eu [https://hackthebox.eu] to get started. Mirai was certainly one of
computers Hack The Box - Solidstate SolidState: Retired 27 Jan 2018 If you are interested in learning more about penetration testing, Hack the Box is a great way to get your feet wet in a legal and well built environment. Head over to hackthebox.eu [https://hackthebox.eu] to get started. Solidstate was extremely similar to
sans SANS Holiday Hack 2017 - Wintered This year's Holiday Hack did not disappoint. Using vulnerabilities and attacks that dominated the headlines this year made the event even more fun.
computers First Useful PowerShell Script: PuTTY to SSH Config I have done a little bit of PowerShell work in the past but mostly just training exercises and modifying existing stuff. With the release of Bash for Windows and the recent announcement that Microsoft will be bringing OpenSSH to Windows [https://www.techspot.com/news/72313-native-openssh-coming-windows-10.html] I figured this
computers Metasploitable3 CTF Rapid7 just wrapped up the second of their Metsploitable3 CTFs, this time for the Linux version of the intentionally vulnerable OS that both beginner and advanced hackers can hone their skills on. They only allowed 500 participants/teams worldwide. I had a lot of free time the week of the
computers Hack The Box - Blocky Blocky: Retired 9 Dec 2017 If you are interested in learning more about penetration testing, Hack the Box is a great way to get your feet wet in a legal and well built environment. Head over to hackthebox.eu [https://hackthebox.eu] to get started. Blocky has been the easiest
computers Hack The Box: Europa Europa: Retired 2 Dec 2017 If you are interested in learning more about penetration testing, Hack the Box is a great way to get your feet wet in a legal and well built environment. Head over to hackthebox.eu to get started Enumeration Using Sparta, I ran a staged NMAP
computers Hack The Box: Apocalyst Apocalyst: Retired 25 Nov 2017 If you are interested in learning more about penetration testing, Hack the Box is a great way to get your feet wet in a legal and well built environment. Head over to hackthebox.eu to get started. Enumeration Using Sparta, I ran a staged NMAP
computers Making My Server IPv6 Compatible I got a Reddit message from a user who is running a single stack IPv6 setup and was unable to access my website. I thought I had everything in order to make this work but apparently not. Thanks to this user for reaching out so I could fix the problem.
computers Air Force Network Research Homework Continuing my Air Force Training's Advanced Distance Learning I had to choose a network protocol from a list and do a short research assignment on the tool. I chose DNS. I got 10/10 on this while also getting to use a link to a friends DNS exfiltraiton tool as
computers Update All The Things - MySQL Migration My Ghost installation recently informed me that an update was available. I usually try to take care of these as quickly as possible and have a little script the did all the updating for me. So I blindly kicked off my script and promptly bricked my Ghost install. Ghost Update
computers Air Force Training: Guided Research Assignment As part of my next round of Air Force Training's Advanced Distance Learning I had to chose a tool from a list and do a short research assignment on the tool. I chose Burp Suite. Here is what I wrote...seemed like a good idea of post something I wrote.
adventure Hacking and Skydiving Well I was lucky enough to get to go to a Con (Conference) again this year. I went to DEFCON last year but this year decided to go to a smaller Con to see what that was like. Based on a co-worker's recommendation, I decided to go to CactusCon in
computers SANS SEC642 - Advanced Web App Penetration Testing I was just lucky enough for work to send me to a SANS course in Vegas (at Caesar's no less, where Caesar lives) because a member of our team had previously booked the course and then left the company. SANS has a great refund policy and would have refunded the
confluence Updating Confluence to Do Inline Code Highlighting So Confluence 6 supports two forms of code highlighting: * In line code formatting via the {{code}} syntax that formats the code in monospace but is not highlighted (transparent background) * A 'code block' that can be inserted with the {code} tag Unfortunately I have gotten used to (and enjoy) the highlighted
ghost Confluence Server With NGINX Reverse Proxy It has been a while since my last post but I finally have something worthy of sharing...how to set up Confluence Server using the same reverse proxy as my Ghost installation. If you are curious about that process, you can see it here [https://ratil.life/installing-ghost-or-why-every-site-should-be-encrypted/]. As I