The security.txt standard was proposed so researchers have a definite endpoint to notify about vulnerabilities on a website. Even though it’s only a draft in its current state, some websites have deployed it already. With this tool I want to help track the coverage of the standard among major websites.
Inspired by Pushover and Gotify, my intention with this experimental project is to build a push notification server that is minimalistic and secure. Since notifications are sent via Matrix.org, no additional clients need to be maintained. So far it features multiple users and application management.
As the first embedded device I built outside of curricular activity, this project cost me quite a bit of trial and error. The core of the device is an Arduino Nano-compatible board attached to an accelerometer, an NFC reader, and an alarm buzzer. Once armed via NFC, it makes loud noises if moved in any direction.
When having to run binaries during a CTF, I feel the urge to run it inside a sandboxed environment, even when knowing the challenge was created in good faith. Previously, I used Podman as a beautiful Docker alternative. With this project, I aim to move towards using a virtual machine while keeping a similar level of comfort.
When researching a specific topic, it occurs to me that I end up reading many RFCs. Hence, I like to keep a local copy on my machine. Using this tool one can download all RFCs in a matter of seconds and update their library comfortably. This was my first project using Python’s asyncio library.
In black-box assessments of Android apps a good decompiler can save a lot of work. Luckily, there are many decompilers freely available, each with their individual strength. To make them easily accessible, I wrote a Docker image that decompiles your JAR and APK files using multiple decompilers.
On the command line, the prompt is the one thing you always want to be able to rely on. Since I wanted my prompt to provide very custom functionality and performance, I concluded it’s worth implementing it as a separate program. Thankfully, Purs served as a good starting point.
I’ve been customizing my configuration files for many years and decided to publish them in a new repository. This project helps me tailoring my working environment to my needs and automating certain tasks on the command line. Among others, it contains configurations for Neovim and Zsh.