Caligin Tsukihara @caligin@octodon.social

Some tools: Sublist3r, enumall, massdns, altdns, reverse.report, ptrarchive.com, masscan, gitrob, teh s3 bucketeers, censys.io....

The amount of recon tools out there is incredible! #DevSecCon

Domain scanning: because you're probably not aware of all the subdomains you have. #DevSecCon

Nice, next talk seems to go into how to hack devopsy things!
#DevSecCon

Speaker: "Blah mesos, blah chronos, blah container scanning, .dockerignore your .git"
Me:"omg what's .dockerignore"
#lifeOnPremiseCentos6
#DevSecCon

On my way way (late) to #DevSecCon. Expect from CodeNode later on!

Small demo webapp to help explain SQLinjection: https://github.com/caligin/sqlilab
Nothing fancy but I found myself having troubles to explain how it works without "showing" the interpolation step.

humble bundle of security books! https://www.humblebundle.com/books/hacking-reloaded-books
#humblebundle #security

a couple of weeks later but I finally built my hidiot! #44con

now what to do with it, I have no clue

Netwars, a web documentary on cyberwar: http://www.netwars-project.com/webdoc
it's short and interactive, if you think the web is safe and have 30 minutes to spare give it a chance!

OH: "GNU Parallel is like xargs on cocaine" #44con

"If it's good coffee, then you're probably okay." #44con

"And tomorrow we start at 9.30, because we're civilized." #44con

Almost time for #44con's world-famous Gin O'Clock...

Drone-repellent colanders FTW. Missed the chance to take a picture though. #44con

The mini cheesecakes are so good, had to walk away before eating them all. And I'm not a sweets/snacks person. #44con

Turkish Star Wars w00t?? #44con

#TWStrike team got a mention for CoyIM! #44con

That reminds me, I never found a good how-to-get-started-if-you-cant-read guide for apparmor