Aidan Mitchell

Hey, welcome!

I usually post about technical topics, most commonly about cyber security. Sometimes I’ll post about other stuff. Who knows? It’s a surprise. How exciting!

I very occasionally toot about vague topics on @aidan@bladerunner.social and will approve legit follow requests - have yourself a profile pic, an #intro, and don’t be on some sketch instance. I don’t maintain a presence on any other social media sites, very much by design.

You can email me at the domain you’re currently visiting, using aidan as the recipient - I’m avoiding catching unnecessary spam by not just typing up the email. If you’d like to encrypt your email for me, you can use my public key.

I also write code infrequently, mostly as utilities for my job. I push the code to my self-hosted Gitea instance when I’m convinced it’s useful to some degree and might be helpful to others.

Recent posts

Token gating with Cloudflare

There are situations when you want to deliver arbitrary content, be it a file, binary, picture or otherwise, and you need to be able to restrict access via some equally arbitrary means. It’s easy enough to do this using an Apache server and some mod_rewrite rules, but you can just as easily employ Cloudflare Workers to have a highly-available, rapidly updatable delivery method. There are also a bunch of different names for this, but I like the term ‘token gated/gating’.

An exercise in profiling and enhancing some Python

A couple of days ago JC/yosignals/thecontractor wrote a blog about generating a wordlist for Three-Word Password Attacks using Python. The source dictionary for generation is the Oxford 5000 corpus, which is an expansion on the Oxford 3000, a list of the 3,000 core words that English language learners should know. The prototype in Python is neat and straightforward. The 5000-word (newline-separated) source is ingested into a list. The Python itertools.

Reporting for Security – Executive Summary

The executive summary for any report acts as a concise overview of the engagement process, the reported findings, and recommendations. The audience for the summary tends to be decision-makers and influential stakeholders, and the summary serves as a tool for them in prioritising risk mitigation efforts, meeting requirements for audit and compliance obligations, and identifying actionable remediation. Getting this section of the report right is crucial for communicating the risks affecting your client and for guiding them towards the solution.