I’m back to Hacking the Box, and my goal is to do one box per day, even if it means looking at write ups. I’m currently subscribed to the VIP membership, and I’m doing the Linux Privilege Escalation Track. Even though I try my hardest for some of the box, I still peek at the […]
This was an Okay-ish book, and it had nothing to do with designing any applications. Instead, it gives you a very detailed tour about how distributed systems work, and their fault-tolerance technologies. In each Chapter, I’ll list down points I found important Chapter 1: Reliable, Scalable, and Maintainable Application Reliability: Systems work correctly even when […]
Summary of the book: https://www.amazon.com/Threat-Modeling-Designing-Adam-Shostack/dp/1118809998 Overall a superb introduction to the activity of performing threat modeling of software. Although, some chapters do feel like filler content, and the crux of the topic lies in a handful of chapters. Threat Modeling of the System The purpose of threat modeling is to elicit the possible attacks that […]
In this post, we’re gonna talk about Zero Trust Networks and Architectures. Zero Trust, like DevOps, isn’t a set of tools that you buy and suddenly you have Zero Trust, but rather it’s also about culture, policies, and more broadly, organization of resources. The whole premise of Zero Trust is to move away from the […]
Shift from being an effective Problem Solver to an effective Problem Finder. Shift from being an effective Information Gather to an effective Information Curator. Seek to curate information, not collate information. The world is filled with information, and many times the customer faces information overload. Simply bombarding them with endless information, technical specifications, user manuals, […]
We’re all mostly familiar with DevOps, which a culture or methodology a company takes that enables quick deployment time. The main principles of DevOps in this case heavily relies on automation of several tasks, from build the program, running test cases, creating of environments, and deploying it to staging or production. The first two tasks […]
Summary of two books: Extreme Ownership and The Dichotomy of Leadership. In the first book, it covers on the principles of Extreme Ownership, which is to place a lot of agency and responsibility onto yourself. In the second book, it talks about the challenges and balances one must take to be a successful leader. Extreme […]
We know that Python is fast when it comes to general scripting use cases, and I’ve always been an ardent user of Python, from version 2 to 3 and its painful migration. Only recently, have I decided to pick up another language, GoLang, and was surprised to see that it was way faster. Although GoLang […]
This book talks about the geopolitics surround hacking and nation state motivations. Its really interesting because you get to understand some of the mindsets and motivations a state, or an activist group has when performing a cyber attack against another entity. The book neatly segregates the motivations into 3 sections: Shaping, Signaling and Shaping Shaping […]
With all the news surrounding the breach of SolarWinds update server, and subsequently a majority of clients downloading and installing a backdoor, there has been a lot of analysis of the malware, and the supposed DGA that is being generated. I’m here to question if the behavior fits more of a DNS tunneling event, instead […]
Code of The Day 