stream of engineering
Slack "Slash Commands" can be a very useful tool to write a CLI to interact with other applications that you manage. In short the contract works something like this; from within a slack channel that the commands are available you would type: /my-command [text arguments] Seems simple enough, however you need to implement a REST … Continue reading Slack Slash Command security
This article is a followup to my previous post about testssl.sh-processor. In short, now that I had mass execution of many endpoints, I now needed to be able to do something with all the testssl.sh command invocation JSON result files laying around. My goal was to be able to react to each JSON result file … Continue reading Slack alerts for testssl.sh
If you secure your entire infrastructure at the transport layer with end to end SSL for both internal and external traffic, then you likely have a ton of endpoints, each with their own SSL software stacks and a wide array of different certificates, some CA signed, others not etc. Both the amount of these and … Continue reading Batch processing testssl.sh commands
Ever have some client code that needs to call another endpoint which rate limits you? Join the club. I recently did, and honestly I didn't care at all about the ONE particular rest client that needed to backoff appropriately when the 429s were being barfed back; instead what I did care about was implementing a … Continue reading Mocking a rate limiting endpoint 429
bits.of.info 