HackerOne

So, a lot has happened over the last year which has kept me off social media and much of it I don’t really want to talk about.¬† Needless to say life has changed a lot – for the better ūüôā¬† One of the interesting things that happened is I’ve had some time to get into the HackerOne program and get… Read more →

2017 MR340

The week has come and gone. ¬†I can now say, as an MR340 veteran, that this was an absolute success for me. ¬†I finished within the 60-70 hour window that I had anticipated finishing in and due to all of the training, felt like I could get back in and paddle some more when all was said and done. Final… Read more →

Go Update your PHP based servers NOW

Got the following advisory in my email today. For the¬†TL;DR crowd Multiple critical bugs in PHP 5 and 7 that may enable remote code execution and/or denial of service.   For everyone else that wants the details   OVERVIEW: Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow an attacker to execute arbitrary code. PHP… Read more →

MR340 Training in full swing

Something from a little different topic for this post – Kayaking! Later this summer I’ll be doing the MR340. ¬†If you’re not familiar with the MR340 you can read more about it at the Rivermiles website. This year will be the 12th year this race has run. ¬†It spans from Kaw Point in Kansas City, MO to Frontier Park in… Read more →

Orchestrate to Mongo: Pt. 2

Well I’m happy to say that this Java stuff is witchcraft. ¬†The project I had been given was a Java application with Spring Data as the core interface to the Orchestrate Data. ¬†Moving to Mongodb, which is also supported natively by Spring, was a pretty painless endeavor.   I won’t go into all of the details but I was able… Read more →

Orchestrate to Mongo

I figured I’d post this here in the unlikely event it gets picked up by google and helps someone else. So, if you haven’t heard the Orchestrate.io managed nosql solution is going away at the end of March. ¬†While there isn’t anything official on their site, I as well as others¬†got the email confirming it was shutting down. So, I… Read more →

Holiday Hack Challenge: Update #10 (Edited)

With the submissions now closed, I present my write-up for the SANS 2016 Holiday Hack Challenge! SANS 2016 Holiday Hack Submission¬†(23 MB) Also if you missed the last post, here’s the video walk-through of the RPG portion. SANS 2016 Holiday Hack RPG Walkthrough¬†(Youtube) And last but not least, my github repo. SANS 2016 Holiday Hack Challenge Code Repo   I’ve… Read more →