Portable virtual lab that fits in your pocket

by on Sep.19, 2020, under Code, Posts

[Image: Samsung BAR Plus 256GB USB 3.1 flash drive, Titan Gray (MUF-256BE4/AM)]

Storage continues to get cheaper and cheaper. Above is a picture of a SAMSUNG BAR Plus flash drive. I was able to find one used on eBay for about $30 which has 256GB storage capacity.

My goal was to have a portable Linux distro that’s persistent on a larger capacity flash drive, which I can use to run virtual machines and containers on. While I’m not opposed to *BSD derivatives and even took some time to test out NomadBSD, I wanted to have an operating system that is more flexible and has more hardware support. I decided to go with Linux Mint XFCE. This means the flash drive can work in legacy BIOS systems and UEFI systems (provided Secure Boot is disabled). To make the persistent Linux USB drive, I used this guide: .

A majority of computers from the past 20 years support virtualization. Granted, there are some rare systems that don’t support virtualization. (You can still install VirtualBox and have 32-bit guest operating systems.) My love of and interest in type 1 hypervisors has led me to experiment with hypervisors from different vendors. Linux KVM, which has been around for 13 years, has become reliable and stable enough for production environments. To get Linux KVM up and running on my flash drive under Linux Mint, I simply used this tutorial: Then, to have a nice web-based GUI to work with Linux KVM, I installed Cockpit ( ).

The next evolution of virtualization, in my humble opinion, is virtual container-based systems such as Docker. While dockers and container-based systems may not always be ideal or meet true isolation security requirements, Docker adoption and usage has skyrocketed. One of the most useful uses that I have for Docker is when I need a quick isolated environment for testing software that isn’t permanent. Need to brush up on MariaDB programming? Awesome, spin up a docker. Have a package you need to use that installs libraries that break other things or even your package manager? Docker to the rescue. There are some CUI/GUI-based tools that help you with Docker as well if you’re not a big fan of typing commands. (Check out dockly and . Cockpit can be used for managing dockers as well.)

Installing Docker on my persistent flash drive was no problem (see this guide: ). However, getting it up and running was a bit more of a pain on a persistent Linux Mint flash drive. You can’t use the default storage driver, overlay2; you have to use the VFS storage driver (see ). Once you have done this, you can test Docker by simply running: docker run hello-world.

I also wanted to have secure remote access to the system running my persistent flash drive. I stumbled upon Tailscale and fell in love. Once you have tailscale up and running, you’ll have a tailscale0 interface. You can now ssh into your persistent flash drive from other places on the internet as long as you have tailscale configured on the client system. Tailscale can traverse NAT!

This persistent flash drive that I have is not without its issues. I have not been able to upgrade the kernel or upgrade to a new version of Linux Mint. Additionally, the mint user password does not persist after reboot (though the root password persists). To access ssh on my flash drive I had to enable root login for ssh, which I know is not ideal or very secure. Caveats aside, this has been a fun learning experience that I would recommend to any other computer enthusiast.
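The root-login caveat above can be narrowed by letting sshd accept keys only and listen only on the Tailscale address. The following is an added example, not code from the original post: a small auditor for the global section of an sshd_config, run over two constructed samples. It assumes a single file (Include directives are not followed), and 100.101.102.103 is a made-up tailnet address.

```python
import ipaddress

# Ranges Tailscale assigns to nodes: CGNAT IPv4 and its IPv6 ULA prefix.
TAILNET = [ipaddress.ip_network("100.64.0.0/10"),
           ipaddress.ip_network("fd7a:115c:a1e0::/48")]

# Constructed samples: the setup the post describes, then a tightened one.
AS_DESCRIBED = "Port 22\nPermitRootLogin yes\n#PasswordAuthentication no\n"
HARDENED = ("ListenAddress 100.101.102.103\n"
            "PermitRootLogin prohibit-password\n"
            "PasswordAuthentication no\n")

def global_settings(text):
    """Collect global keywords; sshd uses the first value it reads."""
    first, listen = {}, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.replace("=", " ", 1).split(None, 1)
        key = parts[0].lower()
        if key == "match":  # conditional overrides start here; stop
            break
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "listenaddress":
            listen.append(value)
        else:
            first.setdefault(key, value.lower())
    return first, listen

def on_tailnet(value):
    # Accepts "ip", "ip:port" and "[ipv6]:port" forms of ListenAddress.
    host = value.rsplit(":", 1)[0] if value.count(":") == 1 else value
    host = host.split("]")[0].lstrip("[")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:  # hostnames cannot be verified offline
        return False
    return any(ip in net for net in TAILNET)

def audit(text):
    first, listen = global_settings(text)
    findings = []
    if first.get("permitrootlogin", "prohibit-password") == "yes":
        findings.append("root-password-login")
    if first.get("passwordauthentication", "yes") != "no":
        findings.append("password-auth-enabled")
    if not listen or not all(on_tailnet(v) for v in listen):
        findings.append("listens-outside-tailnet")
    return findings
```

Binding sshd to the tailnet address means the Tailscale interface has to be up before sshd starts, so check the service ordering on a live-USB system.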


script

by on Apr.30, 2020, under Code, Posts

I’m a big fan of and decided to write a simple script that can be used from the command line:


cnf whois 

results:

All systems

apt-get install whois

apt-get install whois

Alpine
apk add whois

Arch Linux
pacman -S whois

Kali Linux
apt-get install whois

yum install whois

dnf install whois

brew install whois

apt-get install whois

docker run whois

powered by Commando

The script is available here:

It’s a quick and dirty script but it gets the job done.


Useful post regarding Office 365 security hardening

by on Feb.27, 2020, under Posts

It’s 2020. We are now progressing more and more toward the cloud and will have to take into consideration security concerns that relate to the cloud. Two large players in the cloud for productivity suites are Google and Microsoft.

Since Microsoft still dominates the market when it comes to workstation operating systems and office suites, Office 365 is being adopted pretty quickly. I really recommend that you take a look at this post if you currently have Office 365:

Introducing the Microsoft Office 365 Email Security Checklist

It has some good pointers that will help you lock your Office 365 tenant down. Of course there is Microsoft Secure Score, but it seems as if it’s in its infancy. It is buggy and not reliable. This is not to say it won’t help you harden your tenant, but I wouldn’t let it necessarily be the golden rule.

One must also keep in mind that to make Office 365 ‘more secure’ according to Microsoft, you need to essentially pay for it. Standard subscriptions won’t get you certain features. (Please see: )

#Update 3/3/20:

Infragard presentation on Office 365 Security:

12C2049B0AB7E7F2134A2ECD3D37F402  – MD5

9664CBF3C74B27770E962E8BB96C7A8816BBAFDE – SHA-1

(VirusTotal: )

#Update 3/6/20:

Pictures of Office 365 Secure Score Suggestions (one could extrapolate some of these suggestions and apply to other cloud services):

550FB7C99E35AF8F7DB1DAD168410012 – MD5

56A43F1DCE1B9BC16AD1AD853CD3918E23AE60BD – SHA-1
(VirusTotal: )
web terminal root shell

by on Jan.01, 2020, under Posts

Recently, I’ve been reading up on containers and kubernetes. I have just discovered this. It just seems like it could be easily abused:

No authentication necessary. You simply click on Launch Terminal and you’ll get a root shell with full internet access.

(This is a frame from )

– ip list

by on Nov.04, 2019, under Blacklists, Posts

Here is a list of known ‘malicious’ IPs from It is updated daily. It’s in a list/plaintext format that should be easy to integrate.
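Before a plaintext feed like this goes into a firewall or WAF deny rule, each entry should be validated so that a bad line cannot block private, loopback or your own addresses. The loader below is an added example, not code from the original post; the sample feed is constructed, and the prefix limits and the allowlist parameter are assumptions.

```python
import ipaddress

# Ranges that must never land in a deny rule, whatever a feed says.
PROTECTED = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3",
    "::1/128", "fc00::/7", "fe80::/10")]
MIN_PREFIX = {4: 8, 6: 32}  # assumption: broader entries are feed errors

SAMPLE_FEED = """\
# constructed sample, not taken from any real list
203.0.113.7
203.0.113.7
198.51.100.0/24
198.51.100.42   # already covered by the /24
10.0.0.5
127.0.0.1
0.0.0.0/0
not-an-ip
2001:db8::1
"""

def load_blocklist(text, allowlist=()):
    """Return (collapsed CIDRs, rejected entries) for a plaintext feed."""
    protected = PROTECTED + [ipaddress.ip_network(a) for a in allowlist]
    nets, rejected = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            rejected.append((lineno, entry, "unparseable"))
            continue
        if net.prefixlen < MIN_PREFIX[net.version]:
            rejected.append((lineno, entry, "too broad"))
        elif any(net.overlaps(p) for p in protected):
            rejected.append((lineno, entry, "protected range"))
        else:
            nets.append(net)
    merged = []
    for version in (4, 6):  # collapse_addresses rejects mixed versions
        merged += ipaddress.collapse_addresses(
            n for n in nets if n.version == version)
    return [str(n) for n in merged], rejected

if __name__ == "__main__":
    print(load_blocklist(SAMPLE_FEED, allowlist=["198.51.100.42"]))
```

Passing your own egress or management addresses as `allowlist` also rejects any feed CIDR that merely contains them, which is the case a plain exact-match filter misses.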


#Update 11/10/2019

Here is a list of offending IPs that have targeted the honeypot I have set up. This will be updated daily as well:


#Update 11/13/2019

Here’s another list of IPs that have offended the WAF I use:


#Update 11/20/2019

Here’s a great post that has a bunch of lists that can be used:

#Update 11/26/2019

Another great resource:

#Update 11/30/2019

Here’s another list of IPs from


#Update 12/2/2019

Black Hat Directory – Wall of shame list:


#Update 10/25/2020

Scamalytics IPs


#Update 02/24/2021

