Hello world.

The security.txt standard was proposed so researchers have a definite endpoint to notify about vulnerabilities on a website. Even though it’s only a draft in its current state, some websites have deployed it already. With this tool I want to help track the coverage of the standard among major websites.

Inspired by Pushover and Gotify, my intention with this experimental project is to build a push notification server that is minimalistic and secure. Since notifications are sent via Matrix.org, no additional clients need to be maintained. So far it features multiple users and application management.

As the first embedded device I built outside of curricular activity, this project cost me quite a bit of trial and error. The core of the device is an Arduino Nano-compatible board attached to an accelerometer, an NFC reader, and an alarm buzzer. Once armed via NFC, it makes loud noises if moved in any direction.

When having to run binaries during a CTF, I feel the urge to run it inside a sandboxed environment, even when knowing the challenge was created in good faith. Previously, I used Podman as a beautiful Docker alternative. With this project, I aim to move towards using a virtual machine while keeping a similar level of comfort.

When researching a specific topic, it occurs to me that I end up reading many RFCs. Hence, I like to keep a local copy on my machine. Using this tool one can download all RFCs in a matter of seconds and update their library comfortably. This was my first project using Python’s asyncio library.

In black-box assessments of Android apps a good decompiler can save a lot of work. Luckily, there are many decompilers freely available, each with their individual strength. To make them easily accessible, I wrote a Docker image that decompiles your JAR and APK files using multiple decompilers.

I’m a big fan of the UNIX philosophy to build small tools that do one particular thing well. Although there were solutions for checking the availability of large lists of URLs, I wanted to give it a shot myself. This is how urlprobe was born.

For this project, I grabbed an ESP8266 together with a CO2 sensor and built a device that publishes the measurements via MQTT. As a result, I now have a pretty graph on my Grafana dashboard displaying the air quality in my room in real-time.

On the command line, the prompt is the one thing you always want to be able to rely on. Since I wanted my prompt to provide very custom functionality and performance, I concluded it’s worth implementing it as a separate program. Thankfully, Purs served as a good starting point.

With LKMs, the Linux kernel offers a powerful interface to extend its functionality. secvault is a module that allows users to store secrets in kernel memory. Several commands are supported and can be called via an ioctl API.

After using Neomutt together with Notmuch for quite a while, I switched back to Thunderbird for higher reliability. However, Thunderbird is not really scriptable, so I had to come up with a way to at least show me very basic status information for my email accounts.

Vim is an awesome text editor and with Neovim things have gotten even better. Still, I’m missing some features - one of which this project implements. This plugin makes editing variable and function names a lot easier.

I’ve been customizing my configuration files for many years and decided to publish them in a new repository. This project helps me tailoring my working environment to my needs and automating certain tasks on the command line. Among others, it contains configurations for Neovim and Zsh.

Managing multiple Git repositories across several devices turns out to be difficult, especially when caring about configuration consistency. With this project, my aim is to provide a little helper utility that allows for dumping and comparing Git configurations in bulk.