-
Secrets Management Part 2 – Encrypted Secret Retrieval with Gopass
In this post I explain how to use gopass to GPG encrypt and store your secrets locally, then integrate with direnv to…
-
Probing Slack Workspaces for Authentication Information and other Treats
Did you know that Slack provides some surprising information about a workspace to unauthenticated callers? Slack Watchman knows, and in this post…
-
Generating a Rich Custom Wordlist to use with Lil Pwny
As the number of data breaches continue to rise, safeguarding your Active Directory (AD) passwords from compromise is more important than ever.…
-
Secrets Management – Managing Environment Variables with Direnv
Many of my tools, such as GitLab Watchman, are designed to find secrets hardcoded or added as files to code repositories. Handling…
-
Retrieving and Using Slack Cookies for Authentication
Slack, like many other services, uses cookies to store authentication and session information. What is interesting with Slack, however, is that one…
-
The Pursuit of Normal: Alerting on Anomalies using Splunk
It seems strange to talk about normal right now considering that, at the time of writing, a lot of the world is…