The Benefits of side projects : Keep tinkering 🥷 Jun 26, 2024 Since 2017, I have created and been maintaining cfptime.org, a community-driven project aimed at centralizing call-for-papers information for information security conferences. Initially, my first goal was simple: we had an intern joining our team and who was about to work on Django Framework, I didn’t know it and I wanted to know the basics. Additionally, some other goals were simply to have fun, contribute something valuable to the community. ...
Making My Garage Door Smart (Meross MSG100 to TUBAUTO ProCom 7-3) Mar 23, 2024 Connecting Meross MSG100 to TUBAUTO ProCom 7-3 Garage Door: A Quick Guide Modernizing your garage door to be smart-enabled can greatly enhance convenience and security. The Meross MSG100 Smart Wi-Fi Garage Door Opener offers an easy solution to connect your garage door to your home network, allowing you to control it remotely through the Meross application. If you have a TUBAUTO ProCom 7-3 garage door opener, integrating it with the Meross MSG100 is straightforward with the right guidance. ...
GitOps is the new black Nov 24, 2023 In the ever-evolving landscape of software development, GitOps has emerged as a powerful paradigm, initially associated with cloud-native applications. However, its significance personally extends beyond the realms of modern, containerized environments. GitOps has proven to be a valuable concept for legacy (or “more traditional”) applications too, providing a bridge that captures technical expertise and establishes deterministic operations resulting in a better quality of service. The Essence of GitOps GitOps is fundamentally rooted in the principles of declarative infrastructure and version control. ...
Incidents clustering using TF-IDF and KMeans Jul 23, 2023 Incident clustering, also known as event clustering or anomaly clustering, is a technique used in data analysis and machine learning to group similar incidents or events together based on their characteristics or patterns. In order to deep dive into this, we used sklearn and matplotlib to both do machine learning and visualize results in an easy way. In few words: Scikit-learn is a powerful and popular open-source machine learning library in Python. ...
I quitted Infosec and I couldn't be happier. Jan 31, 2023 This article aims at providing you some insights about the experience I had in the “infosec world” for the past few years. I had an amazing journey and grateful for everything that happened. Don’t get me wrong with the title, even if the road was sometimes “bumpy” (aka ‘bad’ experiences), I got some good lessons learnt through them and live by them. I am not trying to convince anyone with this article, except just do what’s good for you and preserve yourself. ...
A quick primer on Frida and Android Instrumentation Aug 13, 2021 Hi everyone! Here is a pretty quick blog post on some Frida/Objection things I’ve been tinkering with. I had this Android application which had premium features and wanted to understand how that mechanism worked and if it was robust enough. Let’s see what was the journey on how I’ve bypassed it using Frida. After disassembling the application with Jadx, I was able to perform a simple grep -r -i 'premium' . ...
"DevOps" ramblings and observations Feb 17, 2021 “DevOps” movement started “publicly” (first time we heard this term) circa 2007. Based on that, we (you?) might think that in 2021 that thing is utterly oudated but I totally disagree and I thought I would share some thoughts about DevOps in 2021, and what it means in real life. I am quite uncomfortable using the word “DevOps”. I’m serious. I guess it’s because we’re putting so many things behind it and I feel we might have lost track of the real sense behind that term - “DevOps”. ...
Android Instrumentation with Smali: A survival guide May 22, 2020 Hi everyone! This article aims at providing you survival steps while tinkering around with Smali & Android applications. The name of the original application I did my search on will remain secret but I created a dummy application doing the same so that you can do it on your own. The link of the MainActivity.java and MainActivity.smali is here Create a dummy application with Android Studio and just import this. PLACEHOLDER_* strings will have to be replaced with proper ones if you want to try. ...
Tackling 'Cleartext Not Permitted' error in Ionic v5 May 8, 2020 While developing/maintaining the WHID Mobile Injector app, it turns out that I received messages and issues on Github telling me that users were: Able to access the ESPloit interface through the browser but not through the app and the toggle in the side-menu was staying RED (meaning it is unable to connect to the ESPloit interface). Weird. After some investigations, I was able to reproduce the issue on some phones at home, and while looking at logcat, I saw some strange lines like this: ...
FastAPI + Zeit.co = 🚀 Mar 30, 2020 Hey everyone, I will talk about some experiments I did with FastAPI and deploying on Zeit.co. Context: For one side-project, I needed a simple way to retrieve the information from a specific Android application (eg. io.shodan.app) on the Google Store and a download link from APKPure (if any). I thought that this would have been a great playground to get my hands on FastAPI, a very promising framework that I never had time to play with. ...