Useful static apps! (Updated)

Sometimes I make static pages for a single purpose, and they can be quite useful, so I will just leave them here. For security: Here is a simple page to showcase some useful Content Security Policy (CSP) tricks for protecting apps from XSS: https://cspdemo.surge.sh/. I find that sharing this page and some explanation gets buy-in from developers a lot quicker. Here is my example to show why it is a good idea to host user-provided content, especially content the user has full control over, and SSRF/proxied pages on a completely separate domain.

Splunk trick

Index Time: Sometimes we have logs that take time to get ingested. When building an alert based on these logs, you may want to use index time instead of event time. This search is an example for when you want to “search for successful login from loginlog sourcetype where IP address is included in the list of blocked IPs indexed in the last 120 minutes.” Useful when we want to expand the search and see if the blocked IP managed to brute-force its way into a legit account previously.

Gnome extension - Argos

So just recently I got back on the Nix bandwagon, and it has been an extremely smooth/enjoyable ride thanks to my trusty Galago Pro and the awesome PopOS that comes with it! ;) With that said, there are a few things I miss from when I was using MacOSX, and one of those is the awesome BitBar app! Then along comes Argos. This GNOME extension project does exactly what I want, and I have since created a couple of task menus with it to help with my day-to-day.

Sheets and script

Sometimes you have a boring task such as scrolling through thousands of lines of CSV logs with TONS of columns, and you have exhausted all your options using regex to help narrow down the things you are interested in, etc. … and it becomes pretty annoying to scroll horizontally to read 50+ rows while reading the truncated content in tiny cells (it may help if you have a 50” with 4K resolution, though). This is why I wrote this shitty piece of code to eh… help.

Android 8 root & cert

Recently I wanted to mess with some phone traffic, so I took out my broken-screen Pixel phone and decided to wipe it and use it for testing. After downloading the latest Android 10 factory build and flashing it to the phone via fastboot, it became apparent that the community hasn’t spent much time modding it, and mounting /system as RW is still very alpha or doesn’t work at all.

Bash trick

TIRED OF FOGGY BRAIN: I always have trouble recalling what commands I ran in the past, and I am constantly looking up simple tricks in bash, so I have always wanted to build something similar to cheat.sh for myself. Except cheat.sh runs on a Python Flask server, and I really think it is bloated/overengineered for what it does. All I want is a simple static site generator to convert markdown notes to colored console output.

Script those mailbox alerts!

UPDATE - automatically save to Google Drive. Update: So I recently found that some of my alerts are quite good at catching password lists, and I often get 2 or 3 a day, and the uploader or Pastebin keeps deleting them after a few hours/days. I don’t really look at these files but wanted to collect them for future reference (e.g. building a password list, or building a service similar to haveibeenpwned but more instantaneous, e.g. sending emails to affected users out of good will), so I rewrote the Apps Script a little to fetch the file and save it to Google Drive.

How not to run a CTF.

For #cmdevcamp19, our security team decided to host a Jeopardy-style Capture The Flag challenge for all the developers. This round of CTF did not run as smoothly as we hoped, and there are a lot of improvements that need to be made for next time. Problem 1: Flag is inconsistent, not ready or required last-minute changes. The CTF is built to raise awareness about security at Campaign Monitor (CM), so for the main challenges, we decided to tweak the internal dev environment - revert some of the fixes and disable some security flags.

AWSBill < 10$

So if you followed me from the previous blog to this new blog, you know that this blog is served using CloudFront + an S3 bucket, and every now and then, when I commit a new post to master for the blog, like I’m doing now, a webhook fires from GitHub to a Lambda function that sits behind an AWS API Gateway. This Lambda function then downloads the latest version of the blog, does a hugo build and deploys it to the S3 bucket.

Building a slackbot with aws lambda

Recently I needed to build a small slackbot, and Go + AWS Lambda seemed to be a good choice for the job. Slack API: A good library for communicating with the Slack API can be found here: https://github.com/nlopes/slack. 1 - Every request from Slack is signed: Every request from Slack is signed and can be verified with the following code. Note that the code does not take in an http.Request object but the values of X-Slack-Signature and X-Slack-Request-Timestamp along with the request body, so I can reuse this code to either handle requests from AWS API Gateway or run it as an HTTP server.