How to prevent things from going wrong in production
What is Porter?
Take everything you need to do a deployment, the application itself and the entire process to deploy it: command-line tools, configuration files, secrets, and bash scripts to glue it all together. Package that into a versioned bundle distributed over standard Docker registries or plain tgz files.
Now anyone can install your application without deep knowledge of your deployment process, or following a step-by-step deployment doc, regardless of the tech stack.
Why Porter?
Single command to find and deploy any application, regardless of the tech stack. No knowledge of the deployment process necessary.
Secure handling of secrets and credentials, integrated with industry standard secret stores.
Share the operational load of managing your team's deployments.
Works with and improves existing tools, such as bash, cloud CLIs, terraform and helm. You don't rewrite your existing deployments to start using Porter.
Reliable deployments because the client environment: cli versions, installed commands, configuration... is dependable and consistent.
A mental model of how various components of a regular expression work from the bottom-up.
I started reading this book around a week ago.
Again a great collection of things worth reading all around bug bounty and pentesting.
This time a video, I haven't watched it completly until now, but I scrolled through the slide deck and think it is worth watching.
If you’ve already read my first post about awk, thanks for reading this one too! If not, that’s probably a better place to start.
The other day, I was watching Bryan Cantrill’s 2018 talk, Rust, and Other Interesting Things, and he made an offhanded comment while discussing values of different programming languages and communities. He said, “If you get the awk programming language manual…you’ll read it in about two hours and then you’re done. That’s it. You know all of awk.”
I switched for daily notes and diary entries to Vimwiki. I like the fast access and combine it with gollum to display in the browser. In the article you find shortcuts and tipps for working with the todo function.
Container security is a broad problem space and there are many low hanging fruits one can harvest to mitigate risks. A good starting point is to follow some rules when writing Dockerfiles.
If you are looking for practical guidelines around how many indices and shards to have in your cluster, this blog post will help you avoid common pitfalls.
Some very useful examples for grep
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources. This issue covers the week from 04 to 11 of October. Intigriti […]
A collection of Jupyter notebooks for learning Python from the ground up. - aceking007/Byte-Sized-Code
Postmortem templates
Good source to write postmortems.
Good intro on Bash errorhandling from Julia Evans
Very interesting post, I did that move years ago. I started using Linux on a daily basis on my work notebook around 2008. Sometimes parallel with Mac OS.
Today I think about switching the X1 to OpenBSD, but need to work with different business tools for meetings, remote access and so on. So I will first build a test environment.
A kubectl plugin that utilize tcpdump and Wireshark to start a remote capture on any pod in your Kubernetes cluster.
You get the full power of Wireshark with minimal impact on your running pods
Very interesting article about the Apple bugbounty program and vulnerabilities.
Interesting introduction into AWX the free version of Ansible Tower.
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources.
KeyStore Explorer is an open source GUI replacement for the Java command-line utilities keytool and jarsigner. KeyStore Explorer presents their functionality, and more, via an intuitive graphical user interface.
In this tutorial, we'll learn the best pytest features and plugins to speed up your development process. They're very simple and you can start using them right away. Table of Contents How to Stop a Test Session on the First Failure How to Re-Run Onl...
It is Linkdump time again. I fixed some things during the week, so my Shaarli instance can use the API now. I do a lot of research and reading on the phone. Now I can share important articles through Stakali, add short notes and do followups on my other devices (tablet, computer).
To automate I created a short Python script to collect my saved bookmarks (marked with the tag linkdump) and create an asccidoc document for my hugo instance. So I can do a quick review and post it.
Hacktoberfest If you aren't familar, Hacktoberfest is an annual event that occurs every October. It is held by Digital Ocean and encourages developers to submit Pull Requests to Open Source repositories and as a reward you get a T-Shirt.
A good idea from Digitalocean, this time Github is flooded with tiny spam PR
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources. This issue covers the week from 18 to 25 of September. Our […]
Huge collection of links to articles, podcasts and videos from the infosec and bugbounty community
Pytest is test framework used to make simple, yet scalable test cases with ease. Let's learn how to Automate test process using Pytest and Selenium WebDriver.
I used unittest and selenium before, but heared that pytest is newer and the better approach. I'm in the beginning of building tests for HCL Connections and will check if pytest is really better or easier than unittest.
Gitlab sold Gitter to Matrix this week.
I think both projects can benefit from this. In the moment I like Gitter more, but when the teams merge features it gets even better.
Automation script to prepare shared Shaarli bookmark collections on a Hugo blog.