Was working with GitLeaks this morning, when it failed to find over 20 secrets in a git repo.
Here are examples of what it didn't find:
INDEXER_PASSWORD=SecretPassword
INDEXER_PASSWORD=SecretPassword
API_PASSWORD=MyS3cr37P450r.*-
DASHBOARD_PASSWORD=kibanaserver
That is EXTREMELY disappointing! These are pretty obvious secrets!
#SysAdmin #Security #SecurityTools #GitLeaks
15.5.2025 15:10

The Extended Vulnerability Community is a Discord where a number of people from all walks of the vulnerability life have gathered together to share information, resources, and provide guidance to one another.
Come join us if you are involved in discovery, reporting, triaging, managing, remediating, or fighting the vulnerability life!
#VulnerabilityManagement #InfoSec #BlueTeam #PurpleTeam #Hackers #Security
13.5.2025 02:04

#LOL #AI #RubberChicken #Hacker #DJ
12.5.2025 23:51

System stats are important because they allow you to make obvious assessments of your assets through a visual means.
Like this one container that was consuming almost half the CPU on my server for no reason I could determine.
A simple restart kicked it in the pants and got it back to normal.
I love stats! This sure beats the days of MRTG.
#SysAdmin #Hackers #StatsNerds
12.5.2025 14:20

Safeguard the CVE Program!
https://resist.bot/petitions/PWDDUS
10.5.2025 21:07

New laptop. Who dis?
#HackerStickers #Stickers #Hackers
10.5.2025 21:01

Got a new M4 MacBook Air for a personal laptop. The best part about it is getting to test my chezmoi dot files environment from scratch!
It was a lot of work to move to chezmoi, but it has been a huge life saver with all of its built-in templates and scripting. I've done so much that makes my life easier maintaining a shell environment across multiple devices.
I have different profiles for work, personal, and servers. It installs different apps or withholds secrets if need be.
The integration with 1Password is awesome as well. All of my secrets are stored in 1P and chezmoi simply pulls them out on my personal systems.
https://github.com/mauvehed/dotfiles
#Technology #Chezmoi #Hacker #Hackers #Linux #MacOS
10.5.2025 16:12

My @DoDAustin talk recording is now live!
https://youtu.be/n_TNe1BG3t4?si=Ve3uxh29r5wKUo8_
#VulnerabilityManagement #Security #SecurityTalks
10.5.2025 14:55

I’m so tired of reading headlines about hate.
#LOVE ONE ANOTHER.
It’s simple. Other people’s rights aren’t hurting you. But you restricting their rights DOES hurt them.
Knock it the fuck off!
5.5.2025 19:57

Tried to swap in a chainguard(.dev) image for one of my python projects. They say they are "drop in". Well, after spending an hour trying to troubleshoot and debug all the problems that I experienced I finally gave up.
I'm rather disappointed because I was really looking forward to using their images.
Anyone else have this experience or something better?
#Development #Coding #Hackers #Containers #SecureDev
3.5.2025 13:53

I was recently having a ton of problems with one of my virtual servers. I'd given it 1GB of RAM and suddenly it was timing out frequently, I couldn't even SSH in to it, and the virtual console was hung.
Because I had Beszel monitoring my servers, I was able to tell some of what was going on, specifically to guess it was RAM related.
I doubled the RAM to 2GB and now she's happy as can be! Memory usage increased as expected, but peaked around 1GB and disk I/O returned to normal since a ton of jobs were no longer backed up!
I guess you'll never be able to take the sysadmin out of me.
#sysadmin #containers #homelab
2.5.2025 14:44

Yesterday I delivered my talk at @DoDAustin which was a blast and a huge success!
I love speaking about security at non-security conferences, because it gives an opportunity to open up the discussion to a new audience.
The talk was recorded and I'll post when there's a video, but in the meantime you can check out my slides below!
#VulnerabilityManagement #Security #SecurityTalks #DevOpsDays #DevOpsDaysATX
2.5.2025 13:49

I wrote a blog about my recent experience moving to a fully split ergonomic keyboard. It's been a learning experience that I am still working with, but overall it's been a blessing to my shoulders and wrists!
If you've ever considered one, you may enjoy reading about my experience!
https://rant.mvh.dev/ergonomic-keyboards
#technology #keyboards #ergonomics
2.5.2025 13:44

I am super excited to give my talk at @DoDAustin today at 11:20am!
My talk is called "Give Up! Just Stop Patching Vulnerabilities!" and is all about taking a proactive approach to application security. DevOps practitioners are a critical starting point for implementing security and building in best practices!
If you are in attendance, I hope to see you there and that you'll come talk to me!
https://talks.devopsdays.org/devopsdays-austin-2025/talk/9QLNV9/
#DevOpsDaysATX #DevOpsDays #DevOpsDaysAustin
1.5.2025 14:22

I wrote a Discord bot to monitor for CVEs being mentioned in chat, and then it will fetch the details and post it back to chat.
It also has a feature to monitor for new KEV notifications and send them to a dedicated channel
Collab with me. Use it. Abuse it. Whatever ya want!
https://github.com/mauvehed/kevvy
#CVSS #CVE #KEV #CISA #Vulnerabilties #Discord
24.4.2025 14:01

Blue sky is a single instance owned by a single entity. It’s not mastodon and is not federated. This matters. https://mas.to/@osma/114346166890552471
20.4.2025 17:57

This is fine..
16.4.2025 01:07

How do you search through your servers on Discord mobile? Like, I know the name of the server but not its icon or what folder I put it under. Can’t I just quick search servers like you can users? Because it seems not..
6.4.2025 21:50

(Ab)using AI for horrible uses and entertainment.
https://attrition.org/news/content/2025-04-05.001.html
#Hackers #AI
5.4.2025 16:06

Everything is fine.
3.4.2025 23:07