After 6 years hacking cloud infrastructure at Oracle, I’ve packed up and joined the startup life.

I’m partnering with Joe, creator of Smart Pricing Table, an insanely helpful proposal-writing platform for agencies (or anyone).

What makes Smart Pricing Table worth this investment?

1. The product is actually helpful, and truly loved by its users.
2. Joe is the perfect founder for this product, with years of actual agency experience.

There are a lot of “proposal software” products out there… and they’re mostly glorified word processors + signature software.

TLDR

Use --immediate-mode* **, e.g.

tcpdump --immediate-mode -w out.pcap

And then use Ctrl+C to stop tcpdump whenever you feel like it, without fear of data loss.

* --packet_buffered should do the trick but is not present in older versions of tcpdump; see below.

** But if you’re just printing to the console (that is, not using -w to save to a file), then the non-lossy behavior will be enabled by default, so no need to use these options.

Today I learned about SYSVOL, Groups.xml, and how it can contain admin passwords (in an insecure configuration). Long story short, if you gain access to a SYSVOL share, poke around and check for Groups.xml and its cpassword field (or any file with cpassword).

Decrypting the password is easy with gpp-decrypt (see also a more modern and slick gpp-decrypt in Python).

And my favorite tidbit was finding xq, “jq for XML” — a slick tool for grabbing values out of an XML file. I used a fork with a --raw option: https://github.com/boyska/xq

In an effort to achieve platform independence, I am reposting popular blog posts from years ago. Adjust accordingly, and enjoy!

Originally posted on Medium, 2016-02-10.

A few months ago, I started looking at fuzzing tools. Finding a decent open source tool to use was more trouble than I expected, so I decided to write about it here.

tl;dr

I went with Sulley because it is open source and much more usable than Peach. However, it is less mature, bugs and all, so much so that I needed to fork the project to keep using it. The new project is called boofuzz.

🌈

As you know, tcpdump is a handy command line version of Wireshark. Among its use cases is running from a headless server, from within tmux, or just feeling more l33t by running everything from the command line.

While using tcpdump recently for some in-depth monitoring and debugging, my soul pined for colored output to highlight IP addresses, ports, MAC addresses, etc. There is an old feature request for this very option, not yet implemented. tshark has a --color option which adds handy Wireshark-themed coloring to your packet summary — cool, but not what I was looking for.