Blog Posts
Featured Article
Loading featured article...
Explore other posts
- Previously worked with OTRS5 or OTRS6, at least as administrator
- Experience with Perl5, unit tests
- Some experience with GitLab CI
Exposed object storage continues to be an issue in 2023
Published: 2023-11-28
Publicly exposing sensitive data via misconfigured object storages (“buckets”) has been an issue for years. Multiple articles highlight the dangers of misconfigured buckets. In 2022, Laminar Labs found that 21% of public facing AWS buckets contain sensitive data. The article goes into great detail why that is a problem and how it can be mitigated. However, their research focused exclusively on AWS. I wanted to see how prevalent exposed buckets are across the major four providers: AWS, Azure, Google and DigitalOcean.
Read the articleUsing Google Analytics in Electron Apps
Published: 2020-11-04
Editor’s note: This post was originally written for Universal Analytics, the previous generation of Google Analytics. Google has since retired Universal Analytics in favor of Google Analytics 4, so parts or all of this post may not work with the new Measurement Protocol API.
I recently had to implement a comprehensive Analytics solution into one of our Desktop apps, which is built using Electron and VueJS. It was decided early on to use Google Analytics for this, due to the existing infrastructure and familiarity with the web interface.
Read the articleHackTheBox: Baby Challenge - Writeup
Published: 2021-05-20
I’ve been waiting to check out Ghidra and some Reverse Engineering for a while now, and I figured that an easy HTB Challenge would be a good way to start, especially since this one’s called Baby.
Read the articleHackTheBox: Emdee Five For Life Challenge - Writeup
Published: 2021-05-25
After my little excursion into Reversing, I was up for some easy Web challenge. Emdee Five For Life is just that easy web challenge I was looking for.
Read the articleHackTheBox: Exatlon Challenge - Writeup
Published: 2021-05-28
This is the box where I realised that “Easy” on HTB means “This is insane, send help” in real life (sometimes).
Read the articleHackTheBox: Impossible Password Challenge - Writeup
Published: 2021-05-26
After a light entry to Reversing with the Baby Challenge, it’s time for something a bit harder.
Read the articleHackTheBox: Love - Writeup
Published: 2021-06-01
My first Windows box! I’ll spare you the days of desparation and get straight down to business. I learned a lot from this box, and it was quite fun and extremely frustrating at the same time.
Read the articleHackTheBox: Postman - Writeup
Published: 2020-03-27
Postman was one of the easy Linux boxes available on HTB. As I’ve never really done any other box before, I was eager to give this one a try and dived right in.
Read the articleHackTheBox: Scriptkiddie - Writeup
Published: 2021-03-22
One of my first boxes on HackTheBox, this is a little bit rough. Let’s dive in.
Read the articleHackTheBox: Spectra - Writeup
Published: 2021-05-28
After quite a few Reversing challenges, it was time to get back to actual machines. This one was marked as Easy, and as we’ll see, that is mostly true. Note that you’ll need to configure an /etc/hosts entry to point the machine IP to spectra.htb for most of this to work.
HackTheBox: Tenet - Writeup
Published: 2021-06-05
After finishing Love, I figured I’d go straight over to Tenet, my first Medium box. It was honestly a fantastic experience, with a lot of learnings regarding things like XSS, how PHP handles objects and how important it is to not use random data. Let’s dive in.
Read the articleGitLab CI and OTRS6 Unit Tests
Published: 2019-06-14
In this post, I’ll be taking a look at how to automate OTRS 6 unit tests and integrate them into GitLabs Continuous Integration. This post assumes that you have a bit of previous experience:
I will touch on all of the above points as good as I can throughout the post, but I may not go into great detail everywhere.
Read the articleSwitching from VirtualBox to QEmu on Manjaro
Published: 2022-06-19
On Linux, VirtualBox has always been my go-to solution for running VMs, which I mostly use to run Kali and/or ParrotSec nowadays. However, with the latest VirtualBox (6.1.34-4) and Kernel update (5.15.48-1), something seems to have broken VirtualBox. When starting any VM, old or new, there is intense flickering and apps like Firefox crash either instantly or after some 30 seconds of use. Googling online, this seems to be an active issue, with the only potential workaround being a kernel downgrade (at the time of writing).
Read the article