Lessons learned: June 2024

Another month, another 20+ tabs.

I've kept myself busy, being inspired by tales of pen testers breaking into military compounds, engineers detecting phone tapping in Greece 2004 and expanding my network scanning suite with tools such as Shodan and Proxyman.

There's more to it, so let's get started.

Security

• Virus total - Search IPs, URLs, applications against a community database for community identified malware
• Extension Total - Analyse VS code extensions for malware, vulnerabilities and harmful code
• cariddi - provide a URL to scrape it's pages, assets, keys and more
• wadcoms - an interactive cheat-sheet for Windows/Linus pen testers
• apk2url - reverse engineer android apps to obtain endpoints, assets, tech stack and anything else left exposed.

Training

• https://github.com/PanXProject/awesome-certificates
• https://github.com/kdeldycke/awesome-iam#readme
• https://github.com/brootware/awesome-cyber-security-university#readme
• https://github.com/arainho/awesome-api-security

Gaming

This is awesome. We're in 2024, seeing a game from 1996, configured to play on a handheld console from 2001, which had probably half the power/juice as the intended 1996 console. Forget Mario 64 on the DS, it's time to revive the GBA!

Speaking of the classics, there's yet another discovery in Final Fantasy 7. With a combination of save files, scene manipulation and carefully timed steps, the impossible has been made possible. Aerith/Aeris lives on!

1Password

After ssh-ing across instances, I observed that a private ssh key displayed in the 1Password web client was different than what the desktop client was rendering. After playing with copy+paste and exporting, it looked like a further layer of encryption was being applied.

Turns out it was! Well, that's the assumption at least. A user has raised the issue here: https://1password.community/discussion/143174/1password-ssh-private-public-key-formats, though no response yet from the support team. Looking forward to their response 🙏.

Blog posts

A combination of architectural debates, development processes and vs code extensions. Just like a typical workplace!

• https://yekta.dev/posts/dont-microservice-do-module/
• https://betterprogramming.pub/graphql-from-excitement-to-deception-f81f7c95b7cf
• https://bessey.dev/blog/2024/05/24/why-im-over-graphql/
• https://medium.com/@amitassaraf/the-story-of-extensiontotal-how-we-hacked-the-vscode-marketplace-5c6e66a0e9d7

Using access tokens in Postman

Here's a snippet showing how to use a Cognito login and pass the token to all subsequent Postman API requests.

1. Create a POSThttps://cognito-idp.{{region}}.amazonaws.com/ request with the following body

headers: {
	Content-Type: application/x-amz-json-1.1
	X-Amz-Target: AWSCognitoIdentityProviderService.InitiateAuth
},
body: {
    "AuthFlow": "USER_PASSWORD_AUTH",
    "ClientId": "",
    "AuthParameters": {
        "USERNAME": "",
        "PASSWORD": ""
    }
}

2. Now add the following to the post-request tab of this same request:

// capture response
let responseData = pm.response.json();

// set env value to access token in response
pm.environment.set("accessToken", responseData.AuthenticationResult.AccessToken);

3. Now add this snippet to the pre-request tab of the top most parent in your collection:

// add to parent collection item
let accessToken = pm.environment.get("accessToken")
pm.request.addHeader(`Authorization: ${accessToken}`);

4. Lastly, ensure all requests set their Auth option to "Inherit auth from parent" and viola! Access tokens are now used for every request.

Dev setup

Whilst searching through my history for one (wide variety of dev, graphics, security, etc), I stumbled upon another! (code focused) I've always thought I should do this myself, but these online legends (and I'm sure many more) are already ahead. Super helpful when setting up a new macbook.

That's a wrap!

See you next time 👋