Blog

April 18, 2025
15 min read

Network Commands

This post is meant to be a single point of reference for all of the random ways of interacting with and diagnosing network(s) from a machine.

It was started after spending a significant amount of time working in packer, across both the Debian and Red Hat family OS's. There are so many ways to handle networking it's hard to remember these notes when I don't have access to them, and each tool had a dedicated page that has been built upon for 5+ years. Porting each of these notes to this page is an opportunity to clean up, review, and expand on each tool (and add new ones).

As of the latest update, this includes Linux (Debian / RedHat), BSD (pfSense), and Windows.

February 22, 2025
2 min read

rsync

The fast, versatile, remote (and local) file-copying tool. It operates using deltas and by looking at properties to only update parts of files that have changed, making it incredibly efficient and invaluable as a part of a regular or scheduled backup operation. I have used this tool to ensure local, remote, and external copies of directories are in sync, or to identify what has changed.

January 20, 2025
1 min read

CI/CD

Continuous Integration, Continuous Deployment

Improve the quality and security of your code using CI/CD workflows. This is best summarized in GitHub's Quickstart for Securing Repos.

December 28, 2024
7 min read

Linting Code

Linting is running documented checks to statically analyze code for common mistakes and errors.

It can also be a great way to learn a new programming language as you'll be pointed to coding conventions, often in the form of the problematic code snippet, suggestions on how to refactor it, and the reasoning behind why.

Not every language has a standard linter, and some languages have multiple linters that are popular to use.

This guide is meant to get you started with linting, from "how to install" to "how to use" linters. It contains examples for both interactive CLI and automated CI/CD-focused workflows in Python, bash, PowerShell, Ansible, Packer, Terraform, with more to be added over time.

Additional Resources

The following resources will be useful if you're getting started with linting or CI/CD.

December 8, 2024
18 min read

KVM (Kernel-based Virtual Machine)

KVM is a type 1 hypervisor technology built into the Linux kernel, using components like QEMU, libvirt, and virt-manager to orchestrate virtual machines. This reference aims to cover everything you'd need to have a basic understanding of KVM and QEMU, how to use virt-manager, networking configuration options, and the various components such as SPICE.

What is KVM?

virt-manager acts as one possible GUI / CLI frontend to managing VM's.
qemu is the virtualization / emulation technology that technologies like virt-manager call to run VM's.
QEMU can be used via the CLI on its own.

KVM relates to QEMU when you run VM's with hardware acceleration rather than pure software emulation, KVM provides the hardware translation and acceleration component. This is the difference when starting VM's with kvm instead of qemu-system-x86_64.

kvm is the equivalent of running qemu-system-x86_64 -machine accel=kvm:tcg (see man kvm).

libvirt is an API, daemon, and management tool that ties all of the components you want to use together, and is used by KVM, Xen, VMware ESXi, and QEMU when performing virtualization tasks.

December 1, 2024
14 min read

nzyme x [Raspberry Pi, Proxmox, Tailscale]

This guide walks through deploying nzyme on a Raspberry Pi (4B or 5) leveraging autoconfiguration tools available on each system. For Raspberry Pi OS this includes writing additional files into the bootfs and rootfs partitions. For Ubuntu server images cloud-init or Ansible could be used.

The result is nzyme running as either a stand-alone system, or as a distributed node + tap where the nzyme-node lives on a server like Proxmox with the nzyme-tap sending data back to it from the external Raspberry Pi. Tailscale is also brought into focus for secure remote access.

This guide doesn't offer anything new in terms of nzyme usage that the official documentation doesn't already answer, but more of what you might run into and steps on how to achieve certain deployments if your goal is anything like what's described below.

August 13, 2024
14 min read

Proxmox

Get started with Proxmox. Installation considerations, networking, disk encryption options, and migrating existing virtual machines.

Everything's presented in a useful order to follow if you're used to Hyper-V, VMware Workstation, or VirtualBox and want to jump in by moving to a Proxmox server.

What's most interesting about Proxmox is the Web UI gives you full console and GUI (yes, GUI desktop) access to your VM's through either noVNC or SPICE, even via a smart phone.

August 13, 2024
41 min read

Wazuh all your things with Tailscale

This guide shows you how to get a Wazuh instance running over Tailscale on both Windows and Linux, using Sysmon(+forLinux), auditd, and all the tweaks you'll want to get started. This is ideal for a low resource, low budget, or lab scenario. You could eventually migrate this Wazuh data to a distributed cluster (proxmox), or real hardware if you grow with it.

July 19, 2024
20 min read

BIND9 DNS

How to install, maintain, and run a BIND9 DNS server (named). Covers building from source, configuring, hardening, and DNS over TLS as well as DNSSEC.

Updated on 2024/07/23.

July 19, 2024
8 min read

Get Started with PowerSTIG

Use PowerSTIG to automate STIG compliance across a number of items like WindowsServer, IIS, Adobe, Chrome, RHEL, Ubuntu, Vsphere, SqlServer, and more, while maintaining documentation of the state as a PowerShell configuration file. This is similar to my approach of using Ansible tags to maintain and combine machine states.

Updated on 2024/07/15.

July 12, 2024
21 min read

Atomic Red Team x Unix Artifacts Collector

An overview of spinning up a test environment, and extracting evidence from any unix-like endpoint. This is mostly for personal reference, as it's just pointing to all the existing (and vast) documentation in a sequence that's useful for me -- and hopefully for you as well.

Updated on 2024/07/12.

May 29, 2024
12 min read

Custom Shell Profiles

Working with and customizing shell profiles.

May 29, 2024
23 min read

OpenSCAP Practical Usage

Install OpenSCAP, pull compliance profiles from GitHub/ComplianceAsCode, debug policies with Ansible's -C and -D options, apply, test, and maintain policies with Ansible tags.

Updated on 2024/07/10.

May 15, 2024
6 min read

AIDE (Advanced Intrusion Detection Environment)

How to set up aide for filesystem integrity monitoring and do basic tuning of the configuration.

May 15, 2024
3 min read

Triage auditd logs with check-auditd

Recently updated to mirror and support ausearch arguments. This post showcases those changes and how the tool works.

May 8, 2024
87 min read

Windows

Various configuration settings and notes for Microsoft Windows operating systems.

Updated on 2024/07/23.

May 7, 2024
18 min read

flatpak

Overview of using and configuring flatpak.

May 7, 2024
24 min read

OpenWrt

This guide includes details for installing and running OpenWrt on UniFi AP's as well as Raspberry Pis and even as a virtual machine.

Because it's so flexible in its deployment, there are examples for different use cases included. For instance Tailscale can be leveraged for easy remote administration from anywhere including your mobile device thanks to the Web UI if that's important to you. Generally this guide approaches OpenWrt as a way to provide WiFi to networks where pfSense (or another upstream device) is the primary firewall router.

There's a detailed list of reference links at the top to keep in mind as you read through, and each step tries to include useful copy-and-paste ready commands for operations you may need to repeat every time you go through the process being described.

Updated on 2024/12/14.

May 7, 2024
4 min read

snap

Notes related to the snap package manager.

May 2, 2024
4 min read

bitwarden

Notes related to the bitwarden password manager.

May 2, 2024
56 min read

pfSense administration

A quick reference for pfSense administration.

August 29, 2022
3 min read

Nessus

What does this post cover?

Nessus is possibly the most well-known vulnerability scanner out there. It was originally open source before going closed source / commercial. At that point, development split off into the OpenVAS project.

Having tried OpenVAS first, after configuring and setting it up, it was clear when moving over to Nessus, that also had similar processes to install and configure it. For example, back when these notes were taken, the web interface was accessible from any network interface by default (this still appears to be the case). There's also a setting related to checking the signatures of the scanner plugins after downloading which wasn't often talked about.

Installing Nessus regularly was more or less required for a number of pentesting courses, so this page was created to document those steps a long time ago. This is just a port of those notes with some review of the currrent documentation.

Snapshot in Time

These are my notes from 2022 and earlier on setting up Nessus in a lab environment. They may be outdated, and were only checked against the latest documentation when porting to this blog post. They have not been tested.

July 15, 2019
59 min read

⭐ Resources

Information, compiled for easy reference.

CI/CD Your Notes

This set of links and notes has been my longest running note file, originally started back in cherrytree before making its way to this page.

The idea has been to create a searchable location pointing to each of these things, sorted by category, and with notes around them. This is currently a work in progess as entries need to be reformatted and updated as they move from my notes onto this page.