Recent Posts
-
Secrets Management Part 2 – Encrypted Secret Retrieval with Gopass
In this post I explain how to use gopass to GPG encrypt and store your secrets locally, then integrate with direnv to…
-
Probing Slack Workspaces for Authentication Information and other Treats
Did you know that Slack provides some surprising information about a workspace to unauthenticated callers? Slack Watchman knows, and in this post…
-
Generating a Rich Custom Wordlist to use with Lil Pwny
As the number of data breaches continue to rise, safeguarding your Active Directory (AD) passwords from compromise is more important than ever.…
-
Lil Pwny Rides Again: Streamline Your Active Directory Password Audits with the New 3.2.0 Update
I’m excited to announce the release of Lil Pwny 3.2.0, featuring powerful new enhancements to the Active Directory password auditing tool. This…
-
Secrets Management – Managing Environment Variables with Direnv
Many of my tools, such as GitLab Watchman, are designed to find secrets hardcoded or added as files to code repositories. Handling…

PaperMtn
Cybersecurity professional based in the UK. Enthusiast of nature, chequered shirts and lists of three. Creator of open-source tools like Slack Watchman, GitLab Watchman, Lil Pwny, and more.
Here I write about my tools, tradecraft and anything else I feel like.
DevSecOps | SaaS | AI | Cloud
Archives
- March 2025
- September 2024
- August 2024
- July 2024
- May 2024
- July 2023
- May 2023
- January 2021
- October 2020
- September 2020
- June 2020
- May 2020
- April 2020
- March 2020