Advanced Nmap NSE Script Debugging

27 Sep 2023 on SECURITY, NMAP, LUA

Learn how to debug Nmap NSE scripts like a pro

Building a Threat Hunting Lab Using Elastic Stack and Vagrant - Part 1

03 Apr 2022 on SECURITY, SIEM, THREAT HUNTING, ELASTIC STACK, OPENSEARCH

Build a dynamic malware analysis virtual lab with logging to the Elastic Stack / Elastic Cloud

Threat Hunting with Elastic
Stack - In-depth Book Review

07 Feb 2022 on SECURITY, SIEM, THREAT HUNTING, BOOK REVIEW

Threat Hunting with Elastic Stack is a solid book and I’d recommend reading it

Vim, Go and Remote Debugging

02 Jan 2022 on GO, PROGRAMMING, VIM

Setting up Vim for remotely debugging Go code

Introducing Log4Shell Sentinel

22 Dec 2021 on SECURITY, PROGRAMMING

A smart Log4Shell/Log4j/CVE-2021-44228 scanner

Python - Verifying Indirect
Imports At Runtime

16 Nov 2021 on PROGRAMMING, PYTHON

Unlike explicit imports that throw an error at application startup, indirect imports in Python throw them when they are actually used. Excessively permissive except clauses can hide them and result in unexpected behavior. Here’s how to verify them at runtime.

Proxying Application Traffic
Through Tor

07 Nov 2021 on SECURITY, TOOLS, PROXY

A quick look at how to proxy any application’s traffic through the Tor network.

AWS WAF's Dangerous Defaults

03 Oct 2021 on SECURITY, AWS, WAF, RESEARCH

AWS WAF’s defaults make bypassing trivial in POST requests, even when you enable the AWS Managed Rules

Pagination