craig-m-unsw

Organization archetypes

The intention of this document is to provide some guidance and suggestions to customers who are wondering how they should structure organizations and teams in their GitHub Enterprise environment. The idea isn't to give hard and fast rules on which approach is better than the other, but to give examples of when one approach might be preferable to another depending on the use case.

1. A single organization with direct organization membership for repository access (not teams)

          ________________
          |     Org      |
          |    ______    |
          |   |      |\  |

| | Repo | \ |

craig-m-unsw

Third party SAML Single Sign On (SSO) integration/implementation - Tech spec

• Author: Heriberto Perez

Background

The implementation of SSO in order to connect with other services/providers/sites is a common requirement these days

For those cases when you have the need to integrate a third party service and embed some widgets in your site, and in order to make it in a secure way and based on dynamic data for the current authenticated, that is when the SSO integration comes handy for you.

Goals

This Tech spec will serve as a reference a SAML Single Sign On (SSO) integration.

craig-m-unsw

Installing cloud-init on a fresh Raspbian Lite image

This is a work in Progress!

Purpose

This mainly demonstrates my goal of preparing a Raspberry Pi to be provisioned prior to its first boot. To do this I have chosen to use the same cloud-init that is the standard for provisioning servers at Amazon EC2, Microsoft Azure, OpenStack, etc.

I found this to be quite challenging because there is little information available for using cloud-init without a cloud. So, this project also servers as a demonstration for anyone on any version of Linux who may want to install from source, and/or use without a cloud. If you fall into that later group, you probably just want to read the code. It's bash so everything I do, you could also do at the command line. (Even the for loop.)

craig-m-unsw

Pentesting-Exploitation

Pentesting-Exploitation Programs and Commands , Protocols Network / Ports

Table of Contents

• Table of Contents
• Recon
  • File enumeration
• Disk files

craig-m-unsw

7 Things to know about r10k 4 in PE 2023.4

(From the PE documentation at: https://www.puppet.com/docs/pe/2023.4/upgrading_pe#upgrade_cautions-r10k-4-upgrade)

1. Starting in PE 2023.4, if you use Code Manager or r10k, with SSH protocol for remote Git repository access, you must set up SSH host key verification.

To manage the known_hosts file and enable host key verification for Code Manager or r10k, you must define the puppet_enterprise::profile::master::r10k_known_hosts paramet er with an array of hashes specifying "name", "type", and "key" with your hostname, key type, and public key, respectively.

This is the error message you will see if running code deploy:

craig-m-unsw

Bruteforcing the 3 main security levels of a computer

Level 0 - BIOS

Docs:

• Decode a Laptop BIOS Password Using a Simple Checksum Script

Most BIOS store the checksum of the password in the FlashROM chip.

craig-m-unsw

$HOME, Not So Sweet $HOME

• Preface
• 1 What is $HOME to you?
• 2 Setup
  • 2.1 Linux
    • 2.1.1 $HOME
    • 2.1.2 Dot-files and dot-directories
    • 2.1.3 XDG Base Directories
• 2.1.4 xdg-user-dirs

craig-m-unsw

/*
 * This is an example Linux daemon that communicates via dbus.
 * When run, it will daemonize and print to standard output two lines:
 *
 *   1. The PID of the daemon process, which can be used to kill it later with `kill -s SIGINT <pid>'
 *   2. The unique D-Bus address it will be listening to
 */

#include <signal.h>
#include <stdio.h>

craig-m-unsw

Chef Local Development Workflow with ChefDK, Vagrant, VirtualBox, and Test Kitchen

Overview

The following document is intended to be a quick guide to getting you setup for doing local development with Chef. This guide was created on my MacBook, but should work fine with Linux, and Windows workstations as well.

Quick review on fundamental tenets of Chef

• Workstation - A workstation is a computer that is configured to run various Chef command-line tools that synchronize with a chef-repo, author cookbooks, interact with the Chef server, interact with nodes, or applications like Chef Delivery
• Node - A node is any machine—physical, virtual, cloud, network device, etc.—that is under management by Chef.
• Chef Server- The Chef server acts as a hub for configuration data. The Chef server stores cookbooks, the policies that are applied to nodes, and metadata that describes each registered

craig-m-unsw

Introduction to Infrastructure testing with Inspec

Testing is a common practice for software teams and has evolved tremendously over the last 2 decades. Test Drive Development (TDD), Unit Testing, Integration, Acceptance Testing, you name it there is a testing pattern for it. However, less attention is paid infrastructure testing. It’s more of a nebulous topic and is often a bit more difficult to know where it fits into your development process. developers responsible for writing these tests or the folks deploying the software? What if it’s the same team and you’re following a more “DevOps” model?

We’ll attempt to answer some of those questions and more by showcasing a common tool that can be used for infrastructure testing, called Inspec, and patterns your team can adopt to test your infrastructure like you test your software.

What is Inspec

Inspec is an open-source framework, written and maintained by Chef, for auditing and testing your application and infrastruc