First steps in writing a custom OWASP ZAP extension

OWASP ZAP is a very popular attack proxy typically used in Web Application penetration tests. Think "Open Source BurpSuite", and that's ZAP in a nutshell. It has become my go-to tool for penetration tests, and it definitely is a fantastic piece of software that ticks all my boxes - except one. The problem : Note taking … Continue reading First steps in writing a custom OWASP ZAP extension

Advertisements

Apache NiFi: Custom Web Scraper Processor – Powered by Selenium

In this article we explore how to build a custom Apache Nifi processor. Our objective is to build a custom NiFi processor, written in Java, that uses Selenium to scrape an arbitrary piece of information off a web-page. The end result will look like this: https://www.youtube.com/watch?v=alRC8owgjl4&feature=youtu.be This highlights the flexibility of Apache NiFi, showing off … Continue reading Apache NiFi: Custom Web Scraper Processor – Powered by Selenium

Apache NiFi: From Syslog to Elasticsearch

Apache Nifi is the result of an project open-sourced by the NSA. It's described as a "data traffic program"... For users familiar with the Elastic ecosystem, think of it as a GUI-enabled mashup of Filebeat, Winlogbeat and Logstash. In essence Nifi allows you to build data processing pipelines of arbitrary complexity and enrich the data or … Continue reading Apache NiFi: From Syslog to Elasticsearch

Drill Down into Spring Boot Actuator metrics

We've only seen this very useful feature documented in the official Spring Actuator API Documentation, so maybe not many are aware that you actually have some control over what the Spring Actuator metrics return to your requesting client. The Spring Actuator API allows you to expose several useful metrics that you can use to monitor … Continue reading Drill Down into Spring Boot Actuator metrics

From JQuery to ReactJS

I have previously worked with ReactJS - most notably during my Master's dissertation, however the main Javascript library I work with when working for clients and companies still remains the venerable JQuery. This is changing as more and more organizations I interact with move to more modern frameworks like Angular and ReactJS. Where to start … Continue reading From JQuery to ReactJS

Using Technology to enable the creation of an open & decentralized government

Catch my recent guest blog post about using PKI, blockchain, Tor and cryptography to enable decentralized, transparent voting - supporting an open and honest government https://www.facebook.com/LovinMalta/posts/1952145485008603

Nugget Post: Insert an alert / rule name in emails sent from ElastAlert

ElastAlert is a fantastic python module that makes it easy to setup near - realtime alerts and responses to entries of interest. A quick piece of information  which I didnt find clearly documented was how to insert an alert name into a custom subject line sending email alerts.  A typical custom email alert rule file would include … Continue reading Nugget Post: Insert an alert / rule name in emails sent from ElastAlert