-
Secrets Management Part 2 – Encrypted Secret Retrieval with Gopass
In this post I explain how to use gopass to GPG encrypt and store your secrets locally, then integrate with direnv to…
-
Probing Slack Workspaces for Authentication Information and other Treats
Did you know that Slack provides some surprising information about a workspace to unauthenticated callers? Slack Watchman knows, and in this post…
-
Generating a Rich Custom Wordlist to use with Lil Pwny
As the number of data breaches continue to rise, safeguarding your Active Directory (AD) passwords from compromise is more important than ever.…
-
Lil Pwny Rides Again: Streamline Your Active Directory Password Audits with the New 3.2.0 Update
I’m excited to announce the release of Lil Pwny 3.2.0, featuring powerful new enhancements to the Active Directory password auditing tool. This…
-
Secrets Management – Managing Environment Variables with Direnv
Many of my tools, such as GitLab Watchman, are designed to find secrets hardcoded or added as files to code repositories. Handling…
-
Stack Overflow Watchman – Discovering Secrets in Stack Overflow Enterprise for Teams Sites
Stack Overflow Watchman After a break, where my attention has been focused elsewhere, I’ve been drawn back to one of my first…
-
TryHackMe: Squid Game – Attacker 5
This series of write-ups is for the TryHackMe Room Squid Game, which you can access here: https://tryhackme.com/room/squidgameroom. This time we’re looking at…
-
TryHackMe: Squid Game – Attacker 4
This series of write-ups is for the TryHackMe Room Squid Game, which you can access here: https://tryhackme.com/room/squidgameroom. This time we’re looking at…
Blog
Here you can find all of my blog posts: