koenrh

Running Hashcat on Google Cloud's GPU-based VMs

In February 2017, Google announced the availability GPU-based VMs. I spun up a few of these instances, and ran some benchmarks. Along the way, I wrote down the steps taken to provision these VM instances, and install relevant drivers.

Update April 2019: Updated instructions to use instances with the Tesla T4 GPUs.

koenrh

Proxifying a VMware Fusion virtual machine on macOS

This is a little guide that helps you to "proxify" a VMware Fusion virtual machine on macOS. This can be useful if you want to isolate and analyse web traffic to/from an application by running it in a VM.

Prerequisites

• VMware Fusion 11 Pro
• Transparent HTTP/HTTPS proxy (e.g. Burp Suite Pro or mitmproxy)

koenrh

#!/bin/bash
org=blendle
token=$GITHUB_BUNDLE_AUDIT_API_TOKEN
gh_api_host=api.github.com
gh_raw_host=raw.githubusercontent.com
gh_repos_url="https://$gh_api_host/orgs/$org/repos?type=sources&per_page=1000"

bundle-audit update

for repo in $(curl -s -H "Authorization: token $token" "$gh_repos_url"  | jsawk -n 'out(this.name)'); do

koenrh

Application access

When was the last time you went through the list of applications that have access to your private data?

Name	Applications
500px	https://500px.com/settings/applications
Amazon	https://www.amazon.com/gp/mas/your-account/myapps/
App.net	https://account.app.net/settings/authorized-apps/

koenrh

How to flush the OCSP cache

Mac

1. Open Terminal.app.
2. Copy the following line and hit Enter.

• sqlite3 ~/Library/Keychains/*/ocspcache.sqlite3 'DELETE FROM ocsp;'

Windows

koenrh

RSA Conference 2014: cancellations

List of people who have cancelled either their session (e.g. talk, panel participation or seminar) at RSA Conference 2014.

Date	Name	Job title	More info
2014-01-20	Roel Schouwenberg	Senior Researcher, Kaspersky Lab	Tweet
2014-01-09	Jim Manico	Global Board Member, OWASP and VP of Security Architecture, WhiteHat Security	Tweet
2014-01-09	Eoin Keary	Global Board Member, OWASP and Director, BBC Risk Advisory	Tweet
2014-01-07	Chris Palmer	Software Security Engineer, Google	[Tweet](https://twitte

koenrh

Param(
  [string]$Url = "svn://my.repo.url",
  [string]$Username = "krouwhorst",
  [string]$Password = "secret"
)

Function Get-SubversionLog {
  ([xml](svn log $Url --xml --verbose --username $Username --password $Password)).log.logentry | ForEach {
    $item = $_
    $_.paths.path | ForEach {

koenrh

|                         |                            |       | HTTPS   | Secure        |                                                      |
| Naam                    | Host                       | HTTPS | default | sessie-cookie | Opmerking(en)                                        |
|-------------------------+----------------------------+-------+---------+---------------+------------------------------------------------------|
| Algemeen Dagblad        | www.ad.nl                  | nee   | nee     | JA            | alleen login (via caps.ad.nl)                        |
| AT5                     | www.at5.nl                 | nee   | nee     | nee           | wachtwoord over HTTP                                 |
| Blendle                 | blendle.nl                 | JA    | JA      | JA            |                                                      |
| BNR                     | www.bnr.nl                 | nee   | nee     | -             | wachtwoord over HTTP, sessie-id in query string      |
| 

koenrh

Keybase proof

I hereby claim:

• I am koenrh on github.
• I am koen (https://keybase.io/koen) on keybase.
• I have a public key whose fingerprint is 2DF9 C434 0486 A4A2 7073 CDE8 D049 F80B 2020 3178

To claim this, I am signing this object: