You're assessing a website. You get an HTTP response that looks like this:

HTTP/2.0 200 OK
content-type: text/html; charset=utf-8
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options: DENY
x-powered-by: PHP/5.1.5
pragma: no-cache
strict-transport-security: max-age=15552000; preload
cache-control: private, no-cache, no-store, must-revalidate
date: Tue, 18 Jun 2019 04:28:37 GMT
X-Firefox-Spdy: h2

What do you report? If you've … Continue reading What’s in a version number?
The Antsle is a slick piece of hardware that is billed as a "private cloud." Capable of running LXC and Docker containers and KVM virtual machines, its software, antMan, is a nice addition to an otherwise-limited set of options. antMan Within this interface, you can create new VMs, what they call antlets, in either a … Continue reading Antsle: Initial thoughts
The strange browser message SSL_ERROR_RX_RECORD_TOO_LONG on Kali is caused by using Java 11 (installed and set as the default in Kali). Even though Burp does send requests and receive the responses, for some odd reason the browser receives this error from Burp. And to make things more confusing, there's no message in the Alerts tab … Continue reading Burp SSL_ERROR_RX_RECORD_TOO_LONG on Kali Linux
One-liner to check out all git revisions. Why? This lets you look through git history in a set of folders. This is especially useful when you need to find credentials that were removed from the current revision, but not changed. *cough* Let's break it down: git log --format=oneline | cut -d " … Continue reading Git secret surfing
I like to write. This blog is a collection of ideas around things that interest me. Sometimes they are insightful. Information Security is probably going to be the most represented here, but food, the English language, code snippets, and various other things will be here. You can think of this as an informal look at … Continue reading Welcome