Build a Static Blog Site in 2020

Wait… What does it mean by “static”? Can visitors post comments at all? Let’s take a closer look 😀

Check it Out

My Homelab

I DIYed my homelab server with Proxmox and a few open source tools. You can do it too 🙌 🎉 🍸

Check it Out

What I Have Been Reading

My reading list of nonfiction books. I enjoy reading them but you can draw your own conclusions.

Show Me the List

Previous Next

Recent Posts

OWASP Top Ten

The OWASP Top 10 represents a broad consensus about the most common and critical security risks to web applications. It can be used as reference for web application security.
Oct 13, 2020 7 min read CyberSecurity

Diffie-Hellman Key Exchange in a Nutshell

DH key exchange is a critical component in virtually every PKI implementation. Having a working knowledge of what it is and how it works would help in understanding PKI as a whole.
Oct 12, 2020 1 min read Encryption, CyberSecurity

Sign Client Certificate Using Self Signed CA Certificate

In a cluster setting where TLS mutual authentication is required, it’s not uncommon to see client certificates signed by either self-signed root CA or private CA.
Oct 10, 2020 4 min read CyberSecurity

Python3 CheatSheet

This post is my collection of python3 code snippets including string and list manipulation.
Oct 2, 2020 7 min read Python

Audit User Actions Using CloudTrail - Part 2

This is the second post of a series that demonstrates how to leverage AWS CloudTrail in auditing user actions. This post is focused on cross account access.
Sep 17, 2020 3 min read

Audit User Actions Using CloudTrail - Part 1

AWS CloudTrail is an essential service that records user actions and systems events. This is the first post of a series that demonstrates how to leverage CloudTrail to identify the IAM principal and establish timelines. This post is focused on same account access.
Sep 17, 2020 0 min read

Extract User Identity from AWS Cloudtrail

Whether you are troubleshooting or investigating something on AWS, being able to look up user identity across the Cloudtrail event logs can be very helpful.
Sep 15, 2020 4 min read Information Security, AWS, IAM

One Time Password, HOTP and TOTP

All you need to know about OTP from a security perspective.
Sep 10, 2020 1 min read Information Security

Threat Modeling and STRIDE Model

This post is my collection of articles related to threat modeling and Microsoft STRIDE threat model.
Sep 9, 2020 2 min read Threat Modeling

SSH and TLS: Differences and Similarities

Review the differences and similarities between the two protocols from an architecture and security perspective.
Sep 1, 2020 2 min read Information Security, TLS
See all posts

Topics

Aviation AWS Cloud Coding CyberSecurity Encryption Homelab IAM Information Security Python Raspberry-Pi React Reading Site-Building Threat Modeling TLS