Hibp-downloader - download api.pwnedpasswords.com fast

hibp-downloader is a CLI tool to efficiently download a local copy of the pwned password hash data from the very awesome HIBP pwned passwords api-endpoint using all the good bits; multiprocessing, async-processes, local-caching, content-etags and http2-connection pooling to make things as fast as is Pythonly possible.

Read More

Elasticsearch Kibana CLI (eskbcli)

ElasticSearch Kibana CLI (eskbcli) is another tool I’ve had in my back-pocket for a while and frequently rely on when working threat-response / threat-management cases where direct access to ElasticSearch is not easily possible.

Read More

SolarEdge API interface

Outside the usual realm of security-things, last week I published a SolarEdge Interface, a command-line and a Python module interface to interact with the SolarEdge API service that’s a decent improvement over the existing ones out there.

Read More

Digital Multimeter interface

Wrote a digital multimeter CLI tool (and Python module) to read an old Digitech QM1538 multimeter sold by Jaycar, Australia. This was a weekend-project that started with a scratchy old data-sheet that described the serial-protocol used by this thing. I’d not written a serial-protocol decoder before and the tool would make my digital-multimeter usable via Linux and accessible remotely via SSH which is what I really wanted in this case.

Read More

Env-Alias environment helper utility

Env-Alias is a helper utility to create shell alias commands that easily set collections of environment variables often with secret values from a variety of data-sources and data-formats.

Read More

Python client for pfSense FauxAPI

For longest time I’d been meaning to roll a PyPi package for the Python client interface to FauxAPI, and it is now a thing - it also closes the long open issue #22 asking about PyPi from way back.

Read More

Terraform + Digital Ocean Droplets

This Terraform module creates a Digital Ocean Droplet using Terraform with desirable additional features. The module is essentially a wrapper around the Digital Ocean provider using a cloudinit script to provide additional features:-

  • remount existing volumes
  • create an initial user with an sshkey
Read More

Keybase.io Network Graphs

Recently I became interested in Keybase.io and really wanted to be able explore my network-graph using Gephi, so I wrote a quick tool to collect the data from Keybase; dump it into GraphML file; then loaded it up in Gephi. The results nicely highlight who-knows-who; the strengths and weaknesses in my own Keybase network; and super connector users with many followers.

Read More

Using FauxAPI for pfSense users and groups

Recently a pfSense FauxAPI request came in as an issue on Github that I wrote example code to address because the use case sounded like a a common enough request - Github user @Jgerardopine spoke of wanting a programmatic method for creating (and managing) user accounts in pfSense and was looking to pfsense_fauxapi to address that requirement. The example code can be found in the examples section of the repo.

Read More

FauxAPI for pfSense

A few years ago I ended up with responsibility for a small fleet of pfSense hosts in several different countries with some being 400+ms latency away which made managing them difficult. I was keen to find a solution that would save staff time and provide a way achieve better configuration consistency across them. After taking a good look at the pfSense code the complexities of the code legacy pfSense is dealing with made it clear why there was no existing API for pfSense as the webapp do not have a consistent framework or Model-View-Control arrangement, indeed many operations simply happen inline at page load.

Read More

Philippines Census + Geocoding + Google Maps API Data Mashup

Recently I noticed that the Philippine Statistics Authority (PSA) does an okay job of publishing their datasets openly and freely online. This is notable because not all authorities in the Philippines are able to achieve this level of straight-forward openness. You could even say it’s quite impressive!

Read More

A Catalogue Of Unusual Things In The Philippines

A collection of things in the Philippines that are surprising, different, unusual and often remarkable. Everytime you observe oddball things like these, you really have to see them as opportunities to teach, educate and improve.

Read More

Experiments With Cjdns

In December, 2017 I spent time experimenting with a mesh overlay network called Cjdns that has some interesting qualities about it. I’m not a fan of the darkside-crypto-anarchy mentality that pervades some of the Hyperboria network participants as I believe it erodes the legitimacy of the technology in the same way as Torrent and Tor peer-to-peer systems have issues. With an information-security-hat on however it’s a technology to understand because among other things it can very easily bridge networks in ways you probably do not care for in your own environment.

Read More

Getting The Blog Back Online

After a ~10 year hiatus I’ve found time return the blog online - happy days. After considering various approaches I’ve settled on using Github Pages which provides a several nice upsides with least one very-notable downside.

Read More

Lower East Side New York City Crime Data

An API end point that returns crime data for cities in the United States. This post has been updated using command- line tools rather than PHP code, however the original end-point is still alive and well with up-to-date data.

Read More

Hack a phone, hack a bank

Complex systems are hard to secure. It's a statement that gets made time and time again and it makes perfect sense. If you have a system where interactions between various components is complex and difficult to describe or monitor then you can be sure that the failure of components within that system will have consequences that are hard to foresee or appreciate. No surprise.

Read More

An API for Google Alerts

Google recently enhanced such that it is possible to obtain RSS feeds of canned searches. This is enormously useful but there is no API that enables one to programmatically list, add and remove items to their set of Google Alerts. So partly because it's too cold outside to do anything and partly because this seems like useful functionality I spent a few hours today writing a PHP class that implements an API to Google Alerts.

Read More

Motorcycle ride from New York to San Francisco

Moto as in motorbike and motorcycle. Riding from New York City to San Francisco and blogging about it on the way has been the underlaying motivation to put this site together in the first-place. I'm planning on doing the ride in June 2009 on a Kawasaki KLR650 over the course of 4 weeks.

Read More

ATM Security Is Hard

Securing an ATM is hard. Consider this, you have a small compact (albeit strong and heavy) item stuffed with cash in a publicly accessible place. Unless you can sufficiently protect it, it's going to become a liability.

Read More