If you have been following the news in the world of Cybersecurity lately, you’ve probably seen, heard, or read a thing or two about SolarWinds, FireEye, or Microsoft amongst many others being targeted by an unknown threat actor. While not the first, this threat actor uses an interesting algorithm to generate sub-domains for its SUNBURST malware to pull down the next stage of execution on the target systems.

When an attacker implements a DGA, the result allows an attacker to avoid detection altogether or evade blocklists and IP blocking. Attackers can quickly switch domains, evade security practices and blocks, and…


Jupyter Notebooks Logo

Throughout some of my classes and work environments, I have found Jupyter notebooks to be particularly helpful in laying out my code and ideas in Python. I figured writing an article on how to get setup might bring new techniques and ideas into the world for someone, so here it is! Jupyter notebooks are easy and fun to use, and they look pretty nice as well. Setup is easy and quick, but honing your setup to have specific qualities makes up most of the time after the initial installation.

Jupyter Notebook and its flexible interface extends the notebook beyond code…


Lately, I have been studying network protocols and authentication schemes in my free time. In order to get a deeper grasp on Kerberos, I figured what better method than trying to explain it in a Medium article. While it may not be super in-depth or advanced, I figured this would be a good executive summary or debrief for anyone looking for an easy explanation on the authentication service and how it is used.

Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography

Acronyms

  • TGT — Ticket Granting Ticket
  • TGS —…


aurielaki on Shutterstock

You’ve probably heard the the following buzzwords at least a thousand times: blockchain, DevOps, DevSecOps, artificial intelligence, machine learning, and so much more.

Without some research, we never really learn what DevSecOps is.

To get a better idea, RedHat sums the idea behind DevSecOps

To do: Maintain short and frequent development cycles, integrate security measures with minimal disruption to operations, keep up with innovative technologies like containers and microservices, and all the while foster closer collaboration between commonly isolated teams — this is a tall order for any organization. …


Image by TheDigitalWay from Pixabay

Are you still reusing passwords between sites?

Unfortunately, password reuse is oftentimes what leads to compromised accounts, whether it be from password dumps or brute-forcing. In order to avoid this habit, I figured a fun way to go about this would be to create a password generator.

Then, I thought to myself, what better language to use than Rust?

To start, let’s make a new project with cargo and then move into the newly created directory:

$ cargo new password-generator

After that, we should have a few files in our project directory, namely Cargo.toml and src/main.rs.


Image captured from snyk.io

The first thing that developers do once their project is ready for the staging environment is focus on security right? Wrong.

For a better view into the automated testing world, I wanted to use Snyk to detect vulnerabilities in software with known CVEs and CWEs. It can be used via CLI, Git integration, and even checks runtime efficiency and dependencies with vulnerabilities as well.

Quick Note: I am using Snyk.io because I recently stumbled upon it while browsing LinkedIn and thought it was super interesting. I am currently playing around with the CLI to learn more about the tool.

Another…


Photo by Brett Sayles from Pexels

This article is geared towards beginners in networking/security who wish to learn a bit more about how port scanning works and how to write their own custom port scanning utility in Python for diagnosing/testing.

For this tutorial, we need to get familiar with a specific Python library: socket (documentation found here: https://docs.python.org/3/library/socket.html)

The Python interface is a straightforward transliteration of the Unix system call and library interface for sockets to Python’s object-oriented style: the socket() function returns a socket object whose methods implement the various socket system calls.

To begin, let’s import the socket library and also declare any variables…

Jacob Latonis

I study computing and a bit of cybersecurity

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store