Testing in Python

There are many ways to write unit tests in Python.

unittest

Here the focus is living off the land with the built-in unittest. unittest is both a framework and test runner, meaning it can execute your tests and return the results. In order to write unittest tests, you must:

- Write your tests as methods within classes
- These TestCase classes must subclass unittest.TestCase
- Names of test functions must begin with test_
- Import the code to be tested
- Use a series of built-in assertion methods

Basic example

    import unittest

    class TestStringMethods(unittest.TestCase):

        def test_upper(self):
            self.assertEqual('foo'.upper(), 'FOO')

        def test_isupper(self):
            self.assertTrue('FOO'.isupper())
            self.assertFalse('Foo'.isupper())

        def test_split(self):
            s = 'hello world'
            self.assertEqual(s.split(), ['hello', 'world'])
            # check that s.split fails when the separator is not a string
            with self.assertRaises(TypeError):
                s.split(2)

    if __name__ == '__main__':
        unittest.main()

Assertions

The TestCase class provides several assert methods to check for and report failures. ...

August 3, 2023 · 2 min

Digital Forensics

It’s semester 2 2023 and time for my final subject in the UNSW Cyber Security Masters course, digital forensics, run by Seth Enoka. I got to venture deep into Windows internals, including core Windows memory structures, subsystems such as prefetch and shimcache, NTFS file system internals and mechanisms including MFT analysis, and much more. All this analysis was conducted using the following Linux analysis tools:

Tools

- Yara: A pattern-matching tool used in malware research and forensic analysis to identify and classify files based on defined rules and signatures.
- Volatility 2 & 3: Open-source memory forensics frameworks used to extract and analyze digital artifacts from volatile memory (RAM) in a memory dump to investigate cyber incidents and malware.
- Volatility USNParser Plugin: A Volatility plugin specifically designed to parse and extract information from the USN journal on Windows systems, aiding in file activity analysis.
- SCCA Tools: SCCA (Source Code Control System Analysis) Tools assist in examining version control system repositories to identify code changes, contributors, and track project history.
- ESEDB Tools: These tools provide access to Extensible Storage Engine (ESE) Database files, commonly used in Windows applications, for analysis and recovery purposes.
- analyzeMFT: A tool used in digital forensics to parse and analyze the Master File Table (MFT) entries from NTFS filesystems, revealing information about files and directories.
- Oletools: A collection of Python-based tools for analyzing and extracting data from OLE (Object Linking and Embedding) files, such as Microsoft Office documents, often used in malware analysis.
- Wireshark: A widely-used network protocol analyzer that captures and inspects data packets on a network, helping with network troubleshooting, security analysis, and protocol reverse engineering.
- The Sleuth Kit (TSK): An open-source digital forensic toolkit that includes various CLI tools (mmls, fls, icat) for file system analysis and data recovery from different operating systems.
- Plaso: An open-source Python-based tool used for super timeline creation and log analysis, helping to reconstruct events and activities from various data sources for forensic investigations.
- Advanced Forensics Format Library (afflib) Tools: Tools for working with the Advanced Forensics Format (AFF), an extensible open file format used in computer forensics to store disk images and related metadata.
- wxHexEditor: A hexadecimal editor with a graphical user interface, used for low-level data inspection and editing in forensic analysis and reverse engineering.
- Gnumeric: A spreadsheet application, similar to Microsoft Excel, used for data analysis and visualization, including data manipulation and statistical functions.
- Personal Folder File Tools (pfftools): Tools designed to work with Personal Folder File (PFF) formats, commonly used by Microsoft Outlook to store emails, calendars, and other personal data. These tools aid in email forensics and analysis.

Resources

- Windows shellbags
- 8 timestamps on an NTFS file system, an attacker can fairly easily mutate 4 of them, hard to convincingly adjust at the nanosecond level
- Eric Zimmerman's Windows Forensics Tools
- SANS Hunt Evil Poster: Knowing what’s normal on a Windows host helps cut through the noise to quickly locate potential malware. Use this information as a reference to know what’s normal in Windows and to focus your attention on the outliers.
- MITRE ATT&CK
- MITRE ATT&CK for ICS
- Cyber Kill Chain
- Industrial Cyber Kill Chain
- Locard’s Exchange Principle
- NIST Guide to Forensics in Incident Response
- Dragos Threat Groups
- CrowdStrike Adversary Groups
- Diamond Model for Intrusion Analysis
- The Four Types of Threat Detection
- Volatility v2.4 cheat sheet

Module 0 - Intro

Locard's Principle (Edmond Locard aka Sherlock Holmes of France) ...

July 22, 2023 · 7 min

Python 3.11

Cool new features in 3.11.

Performance

1.2x faster generally, thanks to an adaptive interpreter (PEP 659) that optimises byte-code based on observed behaviour and usage. Take for example the LOAD_ATTR instruction, which under 3.11 can be replaced by LOAD_ATTR_ADAPTIVE. This will replace the call to the most optimised instruction based on what is being done, such as:

- LOAD_ATTR_INSTANCE_VALUE
- LOAD_ATTR_MODULE
- LOAD_ATTR_SLOT

Disassembling some code:

    def feet_to_meters(feet):
        return 0.3048 * feet

    for feet in (1.0, 10.0, 100.0, 1000.0, 2000.0, 3000.0, 4000.0):
        print(f"{feet:7.1f} feet = {feet_to_meters(feet):7.1f} meters")

    import dis
    dis.dis(feet_to_meters, adaptive=True)
    #   1           0 RESUME                   0
    #
    #   2           2 LOAD_CONST               1 (0.3048)
    #               4 LOAD_FAST                0 (feet)
    #               6 BINARY_OP                5 (*)
    #              10 RETURN_VALUE

However, when the interpreter is given something more concrete to work with, it's able to optimise. For example, outside the loop context when given a float, floating point instructions are put to work: ...

July 17, 2023 · 2 min

Information Assurance

Kicking off the 2023 University year I continue my journey into the Cybersecurity Masters program with the unit Information Assurance and Security, run by Michael McGarity and Huadong Mo. Provides students with a deep understanding of the technical, management and organisational aspects of Information Assurance within a holistic legal and social framework. The course is essentially modelled off the CISSP certification, which dives into the following subjects:

- make a realistic assessment of the needs for information security in an organisation
- discuss the implications of security decisions on the organisation’s information systems
- understand the principles of writing secure code
- show an understanding of database and network security issues
- demonstrate an understanding of encryption techniques
- understand foundations of the tools and techniques in computer forensics
- show an appreciation of the commercial, legal and social context in which IT security is implemented
- apply knowledge gained to business and technical IA scenarios

Intro

Not a one size fits all approach. Too many factors and seemingly chaotic variables, such as risk appetites, country legislation, the business vertical (mining vs banking vs government), accreditation frameworks that apply to certain industries, tolerances, technology limitations, and so on. ...

March 4, 2023 · 4 min

Vue

A bunch of (scattered) tips and resources as I experiment with Vue. Basics: General wisdom Anatomy Event handling Watchers Computed props Components: Components Props Lifecycle hooks Emitting events Slots Fetching Data: Calling APIs in hooks Unique identifiers Styling Components: Global vs scoped styles CSS modules CSS v-bind Composition API: Composition API Reactive references script setup Composables Routing and Deployment: Vue Router History Dynamic routes Deployment Advanced: Pre-processors Pinia State Management Overview What is Vue? an open-source model–view–viewmodel front end JavaScript framework for building user interfaces and single-page applications, created by Evan You Helpful resources: Read the official docs Examples Vue cheat sheet Awesome Vue Vue.js devtools Volar VSCode extension Built-in Directives General wisdom It’s best to stick to conventions of the web and use camelCase in your script and kebab-case in your template Don’t pass functions as props, instead emit events props couples components to each other, for broad or deep cross cutting state, level up to state management Test data sources: JSON Placeholder PokeAPI Anatomy Here is a bare bones vue app. There are literally 3 blocks for script, template (markup) and style: ...

March 2, 2023 · 15 min

Kinesis 360 Pro keyboard

Kinesis is a company based near Seattle that offers computer keyboards with ergonomic designs as alternatives to the traditional keyboard design. Most widely known among these are the contoured Advantage line, which features recessed keys in two bucket-like hollows to allow the user’s fingers to reach keys with less effort. The Advantage 360 line was released in 2022 and is still insanely popular and challenging to get hold of. The pro edition allows you to customise the firmware, which is ZMK based. Kinesis have outsourced the actual job of compiling the firmware to GitHub Actions. ...

February 26, 2023 · 4 min

Books

2023 To Kill a Mockingbird by Lee, Harper Own the Day, Own Your Life: Optimised practices for waking, working, learning, eating, training, playing, sleeping and sex by Marcus, Aubrey 2022 The Dream Machine by Waldrop, M. Mitchell Absolute FreeBSD by Lucas, Michael W. Deep Work: Rules for Focused Success in a Distracted World by Newport, Cal 2021 Revolution in The Valley: The Insanely Great Story of How the Mac Was Made by Hertzfeld, Andy Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground by Poulsen, Kevin The New New Thing: A Silicon Valley Story by Lewis, Michael Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker by Mitnick, Kevin D. Bonhoeffer: Pastor, Martyr, Prophet, Spy by Metaxas, Eric * 1984 by Orwell, George Atomic Habits: An Easy and Proven Way to Build Good Habits and Break Bad Ones by Clear, James * Vagabonding: An Uncommon Guide to the Art of Long-Term World Travel by Potts, Rolf American Kingpin: The Epic Hunt for the Criminal Mastermind behind the Silk Road Drugs Empire by Bilton, Nick * The God Delusion by Dawkins, Richard 2020 Into the Wild (Ebook) by Krakauer, Jon * The Last Wish (The Witcher, #0.5) by Sapkowski, Andrzej Do Androids Dream of Electric Sheep? by Dick, Philip K. Alan Turing: The Enigma by Hodges, Andrew 2019 Harry Potter and the Philosopher’s Stone (Harry Potter, #1) by Rowling, J.K. Ultralight Backpackin’ Tips: 153 Amazing & Inexpensive Tips for Extremely Lightweight Camping by Clelland, Mike * Turn The Ship Around! by Marquet, L. David 2018 Microserfs by Coupland, Douglas * Autobiography: The Story of My Experiments with Truth by Gandhi, Mahatma Influence: The Psychology of Persuasion by Cialdini, Robert B. * The Mythical Man-Month: Essays on Software Engineering by Brooks Jr., Frederick P. 2017 The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage by Stoll, Clifford Savaged by Systemd: an Erotic Unix Encounter by Lucas, Michael Warren

January 27, 2023 · 2 min

Kinetic workouts

Categorises the gym workout by these kinetic systems: Power (3 mins) Strength (5 mins) Endurance (8 mins) Cardio (10 mins) Durability (15 mins) Every 50 minute workout includes each of them. This is really just a catalogue of kettlebell and/or body weight exercises. Basic program 1 Cardio (10 mins) of choice run, bike, row, stair mill, jump jop Mobility (10 mins) circuit of: Kettlebell windmills (5 reps each side) Kettlebell halos (5 reps each side) variation options include lunges or squats Power (3 mins) Kettlebell sumo squat 6 sets of 10 secs on, 20 secs rest ...

December 27, 2022 · 2 min

Python quick reference

Forked from 101t/python-cheatsheet.md

RTFM

- The Python Standard Library
- Built-in Functions
- Python Enhancement Proposals (PEPs)
- The Zen of Python, never far away in the REPL: import this

Contents

- Getting started: CPython, Easter eggs, Import paths, venv
- Collections: List, Dictionary, Set, Tuple, Range, Enumerate, Iterator, Generator
- Functions: Functions, Modules
- Types: Type, String, Regular_Exp, Format, Numbers, Combinatorics, Datetime
- Syntax: Args, Splat, Inline, Closure, Decorator, Class, Duck_Type, Enum, Exception
- System: Exit, Print, Input, Command_Line_Arguments, Open, Path, OS_Commands
- Data: JSON, Pickle, CSV, SQLite, Bytes, Struct, Array, Memory_View, Deque
- Advanced: Threading, Operator, Introspection, Metaprogramming, Eval, Coroutines
- Libraries: Progress_Bar, Plot, Table, Curses, Logging, Scraping, Web, Profile, NumPy
- Packaging and Tools: Real app, Bytecode disassembler, Poetry, Gems, Resources

CPython

Most distros lag behind the latest releases of Python. It's quite a pleasant experience to just build CPython from source, as per the docs:

    sudo apt update
    sudo apt install build-essential gdb lcov pkg-config \
        libbz2-dev libffi-dev libgdbm-dev libgdbm-compat-dev liblzma-dev \
        libncurses5-dev libreadline6-dev libsqlite3-dev libssl-dev \
        lzma lzma-dev tk-dev uuid-dev zlib1g-dev
    ./configure
    sudo make
    sudo make install
    sudo python3 -m pip install --upgrade pip setuptools wheel

Easter eggs

    import this
    import antigravity
    from __future__ import braces

Import paths

When importing modules, Python relies on a list of paths to know where to look for the module. This list is stored in the sys.path variable. ...

June 5, 2022 · 50 min

PowerShell cheat sheet

Help and context Execution policy Operators Regex Flow Control Variables Functions Modules Module Management Good modules to run Filesystem Hashtables (Dictionary) Windows Management Instrumentation (WMI) Async Filesystem events Timers PowerShell drives Data (CRUD) management Damn handy

A work in progress.

Credits:

- https://gitlab.com/JamesHedges/notes/-/wikis/Powershell/PowerShell-Cheat-Sheet
- https://gist.github.com/pcgeek86/336e08d1a09e3dd1a8f0a30a9fe61c8a

Help and context

    $PSVersionTable.PSVersion                      # what version
    Get-Command                                    # list commands available
    Get-Command -Module Microsoft*                 # list commands exported from modules named Microsoft*
    Get-Command -Name *item                        # wildcard search commands
    Get-Help
    Get-Help -Name about_Variables
    Get-Help -Name Get-Command
    Get-Help -Name Get-Command -Parameter Module

Execution policy

Levels = {Restricted,Remote Signed,All Signed,Unrestricted} ...

May 8, 2022 · 5 min