{"@attributes":{"version":"2.0"},"channel":{"title":"plaintext","link":"https:\/\/spoons.fyi\/","description":{},"lastBuildDate":"Sun, 15 Feb 2026 00:00:00 +0100","item":[{"title":"A Universal .zshrc File","link":"https:\/\/spoons.fyi\/2026\/02\/15\/a-universal-zshrc-file.html","description":"<p>Since forver ago, I have been using <a href=\"https:\/\/ohmyz.sh\/\">oh-my-zsh<\/a> with a fairly standard configuration. Plugins for commands I often use, utility functions, and all the clutter you accumulate after years of building and breaking software. That included fuzzing configuration, an unreal amount of version managers, and custom configurations, including those recklessly \u2026<\/p>","pubDate":"Sun, 15 Feb 2026 00:00:00 +0100","guid":"tag:spoons.fyi,2026-02-15:\/2026\/02\/15\/a-universal-zshrc-file.html","category":"Software"},{"title":"Geth and Prysm in Docker Compose","link":"https:\/\/spoons.fyi\/2024\/10\/06\/geth-and-prysm-in-docker-compose.html","description":"<p>I'm getting back into hacking on Ethereum nodes. Some of my tests are RPC-heavy, so a local setup is required. This will also speed up development since requests remain in my local network. However, I haven't found an easy Docker Compose setup for running Geth and Prysm together.<\/p>\n<div class=\"highlight\"><pre><span><\/span><code><span class=\"nt\">version<\/span><span class=\"p\">:<\/span><span class=\"w\"> <\/span><span class=\"s\">&quot;3 \u2026<\/span><\/code><\/pre><\/div>","pubDate":"Sun, 06 Oct 2024 00:00:00 +0200","guid":"tag:spoons.fyi,2024-10-06:\/2024\/10\/06\/geth-and-prysm-in-docker-compose.html","category":"Software"},{"title":"Migration and Business in Germany","link":"https:\/\/spoons.fyi\/2024\/09\/14\/migration-and-business-in-germany.html","description":"<p>In recent weeks, Germany has been on the international news. In the state elections in Thuringia and Saxony (where I live), the extreme right-wing AfD and left-wing BSW have gotten huge voter support. Their focus on immigration, border security, and crime, as well as skilled harping on East-West differences in \u2026<\/p>","pubDate":"Sat, 14 Sep 2024 00:00:00 +0200","guid":"tag:spoons.fyi,2024-09-14:\/2024\/09\/14\/migration-and-business-in-germany.html","category":"Personal"},{"title":"Field Guide Tryhard","link":"https:\/\/spoons.fyi\/2024\/09\/01\/field-guide-tryhard.html","description":"<p>Long story short, I got disillusioned with my previous work and its context. I started my project, the <a href=\"https:\/\/scsfg.io\/\">Smart Contract Security Field Guide (SCSFG)<\/a> to cope with it. Here are some nice features:<\/p>\n<ul>\n<li>New code samples instead of the same-old code you see everyone steal over and over<\/li>\n<li>A section \u2026<\/li><\/ul>","pubDate":"Sun, 01 Sep 2024 00:00:00 +0200","guid":"tag:spoons.fyi,2024-09-01:\/2024\/09\/01\/field-guide-tryhard.html","category":"Security"},{"title":"Excessive Growth and Corporate Parties","link":"https:\/\/spoons.fyi\/2023\/07\/20\/excessive-growth-and-corporate-parties.html","description":"<p>Corporate parties - essentially designed to celebrate company triumphs, whether hitting revenue targets or instilling the company's mission and vision into the employees - can often devolve into nothing more than an extravagant distraction. This illusion of harmony, of success, of the 'perfect' work environment is essentially the art of corporate virtue \u2026<\/p>","pubDate":"Thu, 20 Jul 2023 00:00:00 +0200","guid":"tag:spoons.fyi,2023-07-20:\/2023\/07\/20\/excessive-growth-and-corporate-parties.html","category":"Personal"},{"title":"Vacation Traditions","link":"https:\/\/spoons.fyi\/2023\/01\/13\/vacation-traditions.html","description":"<p>I enjoy getting lost in work. I mean, <em>really<\/em> enjoy it. I forget to eat and sleep, especially when developing software. There is something addicting about building an MVP as fast as possible, finding the perfect architecture, refactoring your previous hacks, and eventually making your code observable and running smoothly \u2026<\/p>","pubDate":"Fri, 13 Jan 2023 00:00:00 +0100","guid":"tag:spoons.fyi,2023-01-13:\/2023\/01\/13\/vacation-traditions.html","category":"Personal"},{"title":"Honest Attempts to Secure an Ecosystem","link":"https:\/\/spoons.fyi\/2022\/06\/29\/honest-attempts-to-secure-an-ecosystem.html","description":"<p>I have used my off-time from audits in the past months to write more about security. Especially in a nascent ecosystem like Ethereum still is, the most considerable impact can be delivered by educating people. Education has to happen in different modes of complexity, depending on the target audience:<\/p>\n<ul>\n<li>Developers \u2026<\/li><\/ul>","pubDate":"Wed, 29 Jun 2022 00:00:00 +0200","guid":"tag:spoons.fyi,2022-06-29:\/2022\/06\/29\/honest-attempts-to-secure-an-ecosystem.html","category":"Security"},{"title":"Remembering my Dad","link":"https:\/\/spoons.fyi\/2022\/03\/16\/remembering-my-dad.html","description":"<p>On March 11, 18:11, my dad passed away. After about a year with lung cancer and two weeks with COVID-19, he finally does not have to struggle anymore.<\/p>\n<p>I miss him dearly. After he got COVID, the doctors diagnosed him with pneumonia. He spent a week in the hospital \u2026<\/p>","pubDate":"Wed, 16 Mar 2022 00:00:00 +0100","guid":"tag:spoons.fyi,2022-03-16:\/2022\/03\/16\/remembering-my-dad.html","category":"Personal"},{"title":"HackTheBox Registry","link":"https:\/\/spoons.fyi\/2021\/02\/13\/hackthebox-registry.html","description":"<p>Registry is a box rated at hard difficulty. There are quite a few steps involved, but with a bit of persistence and little experience with Docker internals (<a href=\"https:\/\/spoons.fyi\/2018\/09\/16\/low-level-debugging-of-stubborn-docker-containers.html\">hint hint<\/a>), it looks more daunting than it actually is. Let's go through the process of breaking in step by step! Out initial \u2026<\/p>","pubDate":"Sat, 13 Feb 2021 00:00:00 +0100","guid":"tag:spoons.fyi,2021-02-13:\/2021\/02\/13\/hackthebox-registry.html","category":"Challenges"},{"title":"HackTheBox Fuzzy","link":"https:\/\/spoons.fyi\/2020\/09\/23\/hackthebox-fuzzy.html","description":"<p>Fuzzy is a fun and short challenge on a docker container. It is especially good for teaching beginners the basics of using a fuzzer to discover new endpoints on a webserver.Spawning the container and probing around a bit, we don't have too much success. Using dirbuster and a standard \u2026<\/p>","pubDate":"Wed, 23 Sep 2020 00:00:00 +0200","guid":"tag:spoons.fyi,2020-09-23:\/2020\/09\/23\/hackthebox-fuzzy.html","category":"Challenges"},{"title":"HackTheBox Mango","link":"https:\/\/spoons.fyi\/2020\/08\/08\/hackthebox-mango.html","description":"<p>Mango was an interesting box when it comes to enumeration. It taught me to look more closely and not brush off anything just because I have seen it before. The box is also a prime lesson to aggregate your recon info in a structured manner so it's easier to apply \u2026<\/p>","pubDate":"Sat, 08 Aug 2020 00:00:00 +0200","guid":"tag:spoons.fyi,2020-08-08:\/2020\/08\/08\/hackthebox-mango.html","category":"Challenges"},{"title":"Construct Truffle Artifact Source Lists","link":"https:\/\/spoons.fyi\/2020\/05\/12\/construct-truffle-artifact-source-lists.html","description":"<div class=\"pswp-gallery single-image\" data-gallery-id=\"gallery-0\">\n    <a href=\"\/blog\/construct-truffle-artifact-source-lists\/photo-of-truffles-on-the-plate-783153.jpg\" data-pswp-width=\"3072\" data-pswp-height=\"2048\" target=\"_blank\">\n        <img src=\"\/blog\/construct-truffle-artifact-source-lists\/photo-of-truffles-on-the-plate-783153_thumb.jpg\" alt=\"Image\" class=\"image-process-article-image\" \/>\n    <\/a>\n<\/div>\n<p>This is a quick and dirty workaround for an issue that has been bugging me a lot. <a href=\"https:\/\/github.com\/trufflesuite\/truffle\/\">Truffle<\/a> is one of the central, if not the most central development tool for building smart contracts on Ethereum to date. When compiling a Truffle project, the output is stored in <code>build\/contracts \u2026<\/code><\/p>","pubDate":"Tue, 12 May 2020 00:00:00 +0200","guid":"tag:spoons.fyi,2020-05-12:\/2020\/05\/12\/construct-truffle-artifact-source-lists.html","category":"Software"},{"title":"HackTheBox Postman","link":"https:\/\/spoons.fyi\/2020\/03\/21\/hackthebox-postman.html","description":"<p>Postman was an easy-going box. It required careful enumeration and beyond that did not have too much resistance in privilege escalation. This makes it a prime example for real-world M&amp;M security where the initial foothold is hard, but there is few resistance on the inside. Let's start out by \u2026<\/p>","pubDate":"Sat, 21 Mar 2020 00:00:00 +0100","guid":"tag:spoons.fyi,2020-03-21:\/2020\/03\/21\/hackthebox-postman.html","category":"Challenges"},{"title":"The Web3 API has come to Python!","link":"https:\/\/spoons.fyi\/2020\/03\/15\/the-web3-api-has-come-to-python.html","description":"<p>Last week I received an email in my inbox about a hackathon hosted by the awesome folks over at <a href=\"http:\/\/amberdata.io\/\">Amberdata<\/a>. They are a provider for on-chain data and cover a large variety of blockchains - including Ethereum, Bitcoin, and Stellar. I have met the developers in the team in late 2018 \u2026<\/p>","pubDate":"Sun, 15 Mar 2020 00:00:00 +0100","guid":"tag:spoons.fyi,2020-03-15:\/2020\/03\/15\/the-web3-api-has-come-to-python.html","category":"Software"},{"title":"36C3 Telnet Challenge (Cat CTF)","link":"https:\/\/spoons.fyi\/2020\/01\/18\/36c3-telnet-challenge-cat-ctf.html","description":"<p>This is a write-up from the 36th Chaos Communication Congress, 2019. It has been my fourth Congress. Timed shortly after Christmas, it feels like meeting a second kind of family after the holidays. Hackers from all over the world gather in Leipzig to celebrate the weirdness of our community, break \u2026<\/p>","pubDate":"Sat, 18 Jan 2020 00:00:00 +0100","guid":"tag:spoons.fyi,2020-01-18:\/2020\/01\/18\/36c3-telnet-challenge-cat-ctf.html","category":"Challenges"},{"title":"HackTheBox Obscurity","link":"https:\/\/spoons.fyi\/2020\/01\/12\/hackthebox-obscurity.html","description":"<p>Obscurity is a medium-difficulty box. It was super fun to solve because it involved great excuses for me to write some neat little helper scripts and find a vulnerability in Python code. Something you don't do too often in these challenges. Let's dive right in with a nmap scan:<\/p>\n<div class=\"highlight\"><pre><span><\/span><code>$<span class=\"w\"> <\/span>nmap \u2026<\/code><\/pre><\/div>","pubDate":"Sun, 12 Jan 2020 00:00:00 +0100","guid":"tag:spoons.fyi,2020-01-12:\/2020\/01\/12\/hackthebox-obscurity.html","category":"Challenges"},{"title":"HackTheBox OpenAdmin","link":"https:\/\/spoons.fyi\/2020\/01\/09\/hackthebox-openadmin.html","description":"<p>OpenAdmin is yet another medium-difficulty machine, which was a blast to hack on! It involved dealing with various stack components, such as interacting directly with a MySQL database. Furthermore, hopping across multiple users through different escalation vectors was very satisfying. Let's see how it is done!Our first nmap scan \u2026<\/p>","pubDate":"Thu, 09 Jan 2020 00:00:00 +0100","guid":"tag:spoons.fyi,2020-01-09:\/2020\/01\/09\/hackthebox-openadmin.html","category":"Challenges"},{"title":"HackTheBox Traverxec","link":"https:\/\/spoons.fyi\/2020\/01\/04\/hackthebox-traverxec.html","description":"<p>Traverxec is an interesting box, mainly because the HackTheBox team rated it as easy while the community disagreed and voted it to medium difficulty. It involved a funky privilege escalation that I had not seen before. Let's see how it's done! Our first nmap scan does not return exciting results \u2026<\/p>","pubDate":"Sat, 04 Jan 2020 00:00:00 +0100","guid":"tag:spoons.fyi,2020-01-04:\/2020\/01\/04\/hackthebox-traverxec.html","category":"Challenges"},{"title":"HackTheBox Wall","link":"https:\/\/spoons.fyi\/2019\/12\/07\/hackthebox-wall.html","description":"<p>Wall was as much a fun and educational box as it was frustrating and stretching my patience. It felt like the system was updated by the creator to have some features in place meant to annoy people trying to break in. Nevertheless, there are some nice WAF evasion techniques to \u2026<\/p>","pubDate":"Sat, 07 Dec 2019 00:00:00 +0100","guid":"tag:spoons.fyi,2019-12-07:\/2019\/12\/07\/hackthebox-wall.html","category":"Challenges"},{"title":"Dear Medium,","link":"https:\/\/spoons.fyi\/2019\/11\/11\/dear-medium.html","description":"<p>My blogging journey has taken me far. I started writing articles about six years ago. Things got serious after I started studying Computer Science. Among the students of my class there was a lot of chatter. The tendency was that who was unable to communicate would soon start failing exams \u2026<\/p>","pubDate":"Mon, 11 Nov 2019 00:00:00 +0100","guid":"tag:spoons.fyi,2019-11-11:\/2019\/11\/11\/dear-medium.html","category":"Personal"},{"title":"The DEFCON 27 Packet Hacking Village Honeypot Challenge","link":"https:\/\/spoons.fyi\/2019\/08\/15\/the-defcon-27-packet-hacking-village-honeypot-challenge.html","description":"<p>This year marks the first time I got to attend DEFCON Las Vegas\u200a\u2014\u200aone of the largest hacker conferences in the world. There are a plethora of things to discover and try out. The talks can be streamed later, but the workshops and spontaneous gatherings? A challenge that caught my \u2026<\/p>","pubDate":"Thu, 15 Aug 2019 00:00:00 +0200","guid":"tag:spoons.fyi,2019-08-15:\/2019\/08\/15\/the-defcon-27-packet-hacking-village-honeypot-challenge.html","category":"Challenges"},{"title":"A Code Review Story","link":"https:\/\/spoons.fyi\/2019\/07\/28\/a-code-review-story.html","description":"<p>This is the first post of a sporadic series where we will dive into the weeds of more complex Python code review samples. I will take (slightly modified) real-world code samples, explain some common mistakes that have been made, and how we can improve things. Let\u2019s jump right in \u2026<\/p>","pubDate":"Sun, 28 Jul 2019 00:00:00 +0200","guid":"tag:spoons.fyi,2019-07-28:\/2019\/07\/28\/a-code-review-story.html","category":"Software"},{"title":"HackTheBox fs0sciety","link":"https:\/\/spoons.fyi\/2018\/10\/20\/hackthebox-fs0sciety.html","description":"<p>fs0ciety is yet another low-hanging fruit among the HackTheBox challenges. It's great for beginners who want to test their process for cracking password-protected zip files and recognition of various encodings.For that, we will use <code>fcrackzip<\/code>- simply for the reason that it has been around for ages and ships with \u2026<\/p>","pubDate":"Sat, 20 Oct 2018 00:00:00 +0200","guid":"tag:spoons.fyi,2018-10-20:\/2018\/10\/20\/hackthebox-fs0sciety.html","category":"Challenges"},{"title":"Explain like I'm five: Cryptographic Hashing","link":"https:\/\/spoons.fyi\/2018\/10\/15\/explain-like-im-five-cryptographic-hashing.html","description":"<p><strong>tl;dr<\/strong> Just check out the image and read the details below it if you want to know even more.\u00a0:)<\/p>\n<p>A few days back I read an <a href=\"https:\/\/medium.com\/@yunyun_chen\/guide-hashing-c04a049fac58\">article by Yunyun Chen<\/a> explaining Hashing in an infographic. I enjoyed it and read some comments, which pointed out a couple of weak \u2026<\/p>","pubDate":"Mon, 15 Oct 2018 00:00:00 +0200","guid":"tag:spoons.fyi,2018-10-15:\/2018\/10\/15\/explain-like-im-five-cryptographic-hashing.html","category":"Security"},{"title":"HackTheBox 0ld_is_g0ld","link":"https:\/\/spoons.fyi\/2018\/10\/13\/hackthebox-0ld_is_g0ld.html","description":"<p>0ld_is_g0ld is a HackTheBox challenge and a great way for beginners to familiarize themselves with PDF password cracking. If you have used Hashcat before, it's an easy win. Verifying we indeed are targeting the correct file format:<\/p>\n<div class=\"highlight\"><pre><span><\/span><code>$<span class=\"w\"> <\/span>file<span class=\"w\"> <\/span>0ld<span class=\"se\">\\ <\/span>is<span class=\"se\">\\ <\/span>g0ld.pdf\n0ld<span class=\"w\"> <\/span>is<span class=\"w\"> <\/span>g0ld.pdf:<span class=\"w\"> <\/span>PDF<span class=\"w\"> <\/span>document,<span class=\"w\"> <\/span>version<span class=\"w\"> <\/span><span class=\"m\">1 \u2026<\/span><\/code><\/pre><\/div>","pubDate":"Sat, 13 Oct 2018 00:00:00 +0200","guid":"tag:spoons.fyi,2018-10-13:\/2018\/10\/13\/hackthebox-0ld_is_g0ld.html","category":"Challenges"},{"title":"The Thing about Mutable Default Arguments in Python","link":"https:\/\/spoons.fyi\/2018\/10\/10\/the-thing-about-mutable-default-arguments-in-python.html","description":"<p>Yesterday I stumbled across some code like this...<\/p>\n<div class=\"highlight\"><pre><span><\/span><code><span class=\"k\">def<\/span> <span class=\"nf\">search_children<\/span><span class=\"p\">(<\/span><span class=\"n\">statespace<\/span><span class=\"p\">,<\/span> <span class=\"n\">node<\/span><span class=\"p\">,<\/span> <span class=\"n\">start_index<\/span><span class=\"o\">=<\/span><span class=\"mi\">0<\/span><span class=\"p\">,<\/span> <span class=\"n\">depth<\/span><span class=\"o\">=<\/span><span class=\"mi\">0<\/span><span class=\"p\">,<\/span> <span class=\"n\">results<\/span><span class=\"o\">=<\/span><span class=\"p\">[]):<\/span>\n    <span class=\"k\">if<\/span> <span class=\"n\">depth<\/span> <span class=\"o\">&lt;<\/span> <span class=\"n\">MAX_SEARCH_DEPTH<\/span><span class=\"p\">:<\/span>\n        <span class=\"n\">n_states<\/span> <span class=\"o\">=<\/span> <span class=\"nb\">len<\/span><span class=\"p\">(<\/span><span class=\"n\">node<\/span><span class=\"o\">.<\/span><span class=\"n\">states<\/span><span class=\"p\">)<\/span>\n        <span class=\"k\">if<\/span> <span class=\"n\">n_states<\/span> <span class=\"o\">&gt;<\/span> <span class=\"n\">start_index<\/span><span class=\"p\">:<\/span>\n            <span class=\"k\">for<\/span> <span class=\"n\">j<\/span> <span class=\"ow\">in<\/span> <span class=\"nb\">range<\/span><span class=\"p\">(<\/span><span class=\"n\">start_index<\/span><span class=\"p\">,<\/span> <span class=\"n\">n_states<\/span><span class=\"p\">):<\/span>\n                <span class=\"k\">if<\/span> <span class=\"n\">node<\/span><span class=\"o\">.<\/span><span class=\"n\">states<\/span><span class=\"p\">[<\/span><span class=\"n\">j<\/span><span class=\"p\">]<\/span><span class=\"o\">.<\/span><span class=\"n\">get_current_instruction<\/span><span class=\"p\">()[<\/span><span class=\"s1\">&#39;opcode&#39;<\/span><span class=\"p\">]<\/span> <span class=\"o\">==<\/span> <span class=\"s1\">&#39;SSTORE&#39;<\/span><span class=\"p\">:<\/span>\n                  <span class=\"n\">results<\/span><span class=\"o\">.<\/span><span class=\"n\">append<\/span><span class=\"p\">(<\/span><span class=\"n\">node<\/span><span class=\"o\">.<\/span><span class=\"n\">states<\/span><span class=\"p\">[<\/span><span class=\"n\">j<\/span><span class=\"p\">]<\/span><span class=\"o\">.<\/span><span class=\"n\">get_current_instruction<\/span><span class=\"p\">()[<\/span><span class=\"s1\">&#39;address&#39;<\/span><span class=\"p\">])<\/span>\n    <span class=\"o\">...<\/span>\n<\/code><\/pre><\/div>\n\n<p>The semantics of \u2026<\/p>","pubDate":"Wed, 10 Oct 2018 00:00:00 +0200","guid":"tag:spoons.fyi,2018-10-10:\/2018\/10\/10\/the-thing-about-mutable-default-arguments-in-python.html","category":"Software"},{"title":"Low-level Debugging of Stubborn Docker Containers","link":"https:\/\/spoons.fyi\/2018\/09\/16\/low-level-debugging-of-stubborn-docker-containers.html","description":"<p>A few weeks back I have started contributing to the awesome <a href=\"https:\/\/github.com\/ConsenSys\/mythril\">Mythril<\/a> project. Mythril is a security scanner for smart contracts that allows everyone to look for vulnerabilities on- and off-chain by being able to analyze raw smart contract code, as well as the actual Solidity code file. To make \u2026<\/p>","pubDate":"Sun, 16 Sep 2018 00:00:00 +0200","guid":"tag:spoons.fyi,2018-09-16:\/2018\/09\/16\/low-level-debugging-of-stubborn-docker-containers.html","category":"software"},{"title":"Parsing KMZ Track Data in Python","link":"https:\/\/spoons.fyi\/2018\/09\/14\/parsing-kmz-track-data-in-python.html","description":"<p>A few days back I stumbled across an interesting problem. I was asked to develop a solution that was doing some analysis work on geolocation data stored in KMZ format. Existing solutions like <a href=\"https:\/\/pypi.python.org\/pypi\/fastkml\/0.11\">fastkml (64KB)<\/a> and <a href=\"https:\/\/pypi.python.org\/pypi\/pykml\/0.1.3\">pykml (42KB)<\/a> seemed nice at the first glance, proved to be unnecessary overhead, however \u2026<\/p>","pubDate":"Fri, 14 Sep 2018 00:00:00 +0200","guid":"tag:spoons.fyi,2018-09-14:\/2018\/09\/14\/parsing-kmz-track-data-in-python.html","category":"Software"},{"title":"HackTheBox Sense","link":"https:\/\/spoons.fyi\/2018\/03\/01\/hackthebox-sense.html","description":"<p>Sense was a HackTheBox machine that really tested my patience during the enumeration phase. It is a box designed around the popular <a href=\"https:\/\/www.pfsense.org\/\">pfSense<\/a> firewall. Let's dive in! Firstly, we start our usual standard nmap scan:<\/p>\n<div class=\"highlight\"><pre><span><\/span><code>Starting<span class=\"w\"> <\/span>Nmap<span class=\"w\"> <\/span><span class=\"m\">7<\/span>.60<span class=\"w\"> <\/span><span class=\"o\">(<\/span><span class=\"w\"> <\/span>https:\/\/nmap.org<span class=\"w\"> <\/span><span class=\"o\">)<\/span><span class=\"w\"> <\/span>at<span class=\"w\"> <\/span><span class=\"m\">2018<\/span>-02-27<span class=\"w\"> <\/span><span class=\"m\">19<\/span>:44<span class=\"w\"> <\/span>CET\nNmap<span class=\"w\"> <\/span>scan \u2026<\/code><\/pre><\/div>","pubDate":"Thu, 01 Mar 2018 00:00:00 +0100","guid":"tag:spoons.fyi,2018-03-01:\/2018\/03\/01\/hackthebox-sense.html","category":"Challenges"},{"title":"HackTheBox Bashed","link":"https:\/\/spoons.fyi\/2018\/02\/27\/hackthebox-bashed.html","description":"<p>Bashed is a great entry-level box for people who are just getting started with HackTheBox. If you are just getting started with penetration testing, the value of this box is less in its technical content but rather in giving you the chance to exercise through your processes once. A bit \u2026<\/p>","pubDate":"Tue, 27 Feb 2018 00:00:00 +0100","guid":"tag:spoons.fyi,2018-02-27:\/2018\/02\/27\/hackthebox-bashed.html","category":"Challenges"},{"title":"HackTheBox Nibbles","link":"https:\/\/spoons.fyi\/2018\/02\/26\/hackthebox-nibbles.html","description":"<p>Nibbles was one of the first machines I broke on HTB. It is a relatively simple machine that requires a little bit of reconnaissance and leads you to a (hopefully) easy win by letting you poke around the website. Let's dive in!First, we run a quick port scan: <code>nmap \u2026<\/code><\/p>","pubDate":"Mon, 26 Feb 2018 00:00:00 +0100","guid":"tag:spoons.fyi,2018-02-26:\/2018\/02\/26\/hackthebox-nibbles.html","category":"Challenges"},{"title":"Quick Hack: Generating PDFs with Python and XeTeX","link":"https:\/\/spoons.fyi\/2018\/01\/10\/quick-hack-generating-pdfs-with-python-and-xetex.html","description":"<p>A friend of mine is following a PhD in a non-technical field. And his boss is a bully. Work mainly happens with high-level statistical analysis tools. No one knows anything about programming and most problems are solved by hand. While on a positive note this means good chances to get \u2026<\/p>","pubDate":"Wed, 10 Jan 2018 00:00:00 +0100","guid":"tag:spoons.fyi,2018-01-10:\/2018\/01\/10\/quick-hack-generating-pdfs-with-python-and-xetex.html","category":"Software"},{"title":"Converting MySQL Table Data to a Graphml File","link":"https:\/\/spoons.fyi\/2017\/06\/03\/converting-mysql-table-data-to-a-graphml-file.html","description":"<p>I recently found myself in the situation where I was given access to a huge MySQL database that contained network traffic flows and IDS signature match data. As I work a lot with graph-based approaches, I needed to convert the table's flow data into a graphml file for later visualization \u2026<\/p>","pubDate":"Sat, 03 Jun 2017 00:00:00 +0200","guid":"tag:spoons.fyi,2017-06-03:\/2017\/06\/03\/converting-mysql-table-data-to-a-graphml-file.html","category":"Software"},{"title":"N-wise Iteration in Python","link":"https:\/\/spoons.fyi\/2017\/04\/17\/n-wise-iteration-in-python.html","description":"<p>A few hours back I stumbled into a problem where I had to perform a lookahead of n elements in a list to do some calculations. The first thought: Just take the current index and get all elements until i+n. I started writing..<\/p>\n<div class=\"highlight\"><pre><span><\/span><code><span class=\"k\">for<\/span> <span class=\"n\">i<\/span> <span class=\"ow\">in<\/span> <span class=\"nb\">range<\/span><span class=\"p\">(<\/span><span class=\"nb\">len<\/span><span class=\"p\">(<\/span><span class=\"n\">iterable \u2026<\/span><\/code><\/pre><\/div>","pubDate":"Mon, 17 Apr 2017 00:00:00 +0200","guid":"tag:spoons.fyi,2017-04-17:\/2017\/04\/17\/n-wise-iteration-in-python.html","category":"Software"},{"title":"Hebe Design Decisions","link":"https:\/\/spoons.fyi\/2017\/03\/25\/hebe-design-decisions.html","description":"<p>After the exams I had some free hours so I decided to show my blog some more love and look for a new theme. The old one, a customized version of <a href=\"https:\/\/github.com\/onlyhavecans\/pelican-chunk\">Chunk<\/a> was little more than a hack to have a theme at all. Here's a quick reminder of how \u2026<\/p>","pubDate":"Sat, 25 Mar 2017 00:00:00 +0100","guid":"tag:spoons.fyi,2017-03-25:\/2017\/03\/25\/hebe-design-decisions.html","category":"Software"},{"title":"My New (old) Blog on Github Pages","link":"https:\/\/spoons.fyi\/2017\/03\/25\/my-new-old-blog-on-github-pages.html","description":"<p>After the exams, I had some free hours so I decided to show my blog some more love and look for a new theme. The old one, a customized version of <a href=\"https:\/\/github.com\/onlyhavecans\/pelican-chunk\">Chunk<\/a> was little more than a hack to have a theme at all. Here's a quick reminder of how \u2026<\/p>","pubDate":"Sat, 25 Mar 2017 00:00:00 +0100","guid":"tag:spoons.fyi,2017-03-25:\/2017\/03\/25\/my-new-old-blog-on-github-pages.html","category":"Software"},{"title":"PPP #13 Goodbye Trip: Campana & Punta Chame","link":"https:\/\/spoons.fyi\/2016\/09\/04\/ppp-13-goodbye-trip-campana-punta-chame.html","description":"<p>As most of my stories in Panama this trip starts with some new friends. At my workplace, the <em>Universidad Tecnol\u00f3gica de Panam\u00e1 (UTP)<\/em>, I didn't have much contact to students, because I spent most of my time on campus inside an office. The international office of the uni was very \u2026<\/p>","pubDate":"Sun, 04 Sep 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-09-04:\/2016\/09\/04\/ppp-13-goodbye-trip-campana-punta-chame.html","category":"Personal"},{"title":"PPP #12 Getting my Greens in Valle de Ant\u00f3n","link":"https:\/\/spoons.fyi\/2016\/08\/13\/ppp-12-getting-my-greens-in-valle-de-anton.html","description":"<p>Social Networks are awesome for travelling. By pure accident I met some fellow <em>viajeros<\/em> - two handsome women from Israel and Poland. After a quick chat and meetup we decided to spend our time in Valle de Ant\u00f3n - Anton Valley. From colleagues I already heard a lot about it's natural beauty \u2026<\/p>","pubDate":"Sat, 13 Aug 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-08-13:\/2016\/08\/13\/ppp-12-getting-my-greens-in-valle-de-anton.html","category":"Personal"},{"title":"PPP #11 Strolling through the Park","link":"https:\/\/spoons.fyi\/2016\/08\/06\/ppp-11-strolling-through-the-park.html","description":"<div class=\"pswp-gallery single-image\" data-gallery-id=\"gallery-0\">\n    <a href=\"\/blog\/ppp-11-strolling-through-the-park\/metropolitano-1.jpg\" data-pswp-width=\"3552\" data-pswp-height=\"1920\" target=\"_blank\">\n        <img src=\"\/blog\/ppp-11-strolling-through-the-park\/metropolitano-1_thumb.jpg\" alt=\"Metropolitano Entrance Sign\" class=\"image-process-article-image\" \/>\n    <\/a>\n<\/div>\n<p>Since 1988 there is a park just on the outskirts of Panama City - <em>El Parque Natural Metropolitano<\/em>. It's the only wildlife refuge in the city and is host to an amazing variety of wildlife. There are no special attractions there. It's a place you just go to in a casual \u2026<\/p>","pubDate":"Sat, 06 Aug 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-08-06:\/2016\/08\/06\/ppp-11-strolling-through-the-park.html","category":"Personal"},{"title":"PPP #10 Gamboa: Welcome to the Jungle","link":"https:\/\/spoons.fyi\/2016\/07\/09\/ppp-10-gamboa-welcome-to-the-jungle.html","description":"<p>My sister and a colleague of her decided to visit me in Panam\u00e0. Still being busy with the investigation, I did not manage to find a lot of time for travels during the week. However on the weekends, we managed to make some small trips. One of them lead us \u2026<\/p>","pubDate":"Sat, 09 Jul 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-07-09:\/2016\/07\/09\/ppp-10-gamboa-welcome-to-the-jungle.html","category":"Personal"},{"title":"Install Intel Graphics Drivers for Fedora 23","link":"https:\/\/spoons.fyi\/2016\/06\/29\/install-intel-graphics-drivers-for-fedora-23.html","description":"<p>This is a thing I always forget and have to look up. My Dell XPS 13 (2013) runs on an Intel HD4000 and the drivers are obviously not in the standard repos. This script pulls the (at the time of this writing) most recent driver from the repos of the \u2026<\/p>","pubDate":"Wed, 29 Jun 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-06-29:\/2016\/06\/29\/install-intel-graphics-drivers-for-fedora-23.html","category":"Software"},{"title":"Visualizing IP Connections in Python","link":"https:\/\/spoons.fyi\/2016\/06\/27\/visualizing-ip-connections-in-python.html","description":"<p>For some research on botnet host detection in large-scale networks, I found myself in the situation that I had to apply a set of algorithms to a huge packet dump. To comprehend an amazing paper, I started to play around with the dataset and tried to reproduce the results presented \u2026<\/p>","pubDate":"Mon, 27 Jun 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-06-27:\/2016\/06\/27\/visualizing-ip-connections-in-python.html","category":"Software"},{"title":"PPP #09 A Trip to Paradise - Bocas del Toro","link":"https:\/\/spoons.fyi\/2016\/06\/19\/ppp-09-a-trip-to-paradise-bocas-del-toro.html","description":"<p>In the travel magazines you always see the same ad pictures. Cristal clear water gently stroking the white-sand beach bordered by palm trees. Deep cyan colours meet intense whites and greens. Amidst this paradisal scenery happily sits a woman drinking from a coconut, enjoying the sun. HARD CUT - company name \u2026<\/p>","pubDate":"Sun, 19 Jun 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-06-19:\/2016\/06\/19\/ppp-09-a-trip-to-paradise-bocas-del-toro.html","category":"Personal"},{"title":"PPP #08 Conquering Volc\u00e1n Bar\u00fa","link":"https:\/\/spoons.fyi\/2016\/06\/13\/ppp-08-conquering-volcan-baru.html","description":"<p>This was an extraordinary hiking trip full of firsts. I have never ever before been hiking<\/p>\n<ul>\n<li>in Panama<\/li>\n<li>in tropical weather<\/li>\n<li>on an active volcano<\/li>\n<li>on a mountain higher than 2,500m<\/li>\n<\/ul>\n<p>It all begins at the Albrook bus station in Panam\u00e1 City. In the night from Friday to Saturday \u2026<\/p>","pubDate":"Mon, 13 Jun 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-06-13:\/2016\/06\/13\/ppp-08-conquering-volcan-baru.html","category":"Personal"},{"title":"PPP #07 Isla Grande","link":"https:\/\/spoons.fyi\/2016\/06\/05\/ppp-07-isla-grande.html","description":"<p>A sunny day, 30\u00b0C and air humidity so high that breathing feels like waterboarding. Perfect conditions to go to the beach! Just some hours by car in the province of Col\u00f3n north of Panam\u00e1 City, you can find <em>Isla Grande<\/em>. This island is your typical small Caribbean island with \u2026<\/p>","pubDate":"Sun, 05 Jun 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-06-05:\/2016\/06\/05\/ppp-07-isla-grande.html","category":"Personal"},{"title":"ERROR 2999: Invalid preprocessor command specified","link":"https:\/\/spoons.fyi\/2016\/06\/03\/error-2999-invalid-preprocessor-command-specified.html","description":"<p>I am quite new to working with <a href=\"https:\/\/aws.amazon.com\/elasticmapreduce\/\">Amazon Elastic MapReduce<\/a> clusters. To do some large scale data analysis, I built a Pig script and ran it on a local pig installation to verify its functionality. Works. Neat! Let's push it to the cluster and get some serious results on the \u2026<\/p>","pubDate":"Fri, 03 Jun 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-06-03:\/2016\/06\/03\/error-2999-invalid-preprocessor-command-specified.html","category":"Software"},{"title":"PPP #06 The City of Knowledge","link":"https:\/\/spoons.fyi\/2016\/05\/19\/ppp-06-the-city-of-knowledge.html","description":"<p>Located about 20 minutes away from the Technological University of Panama - assuming you don't run into a traffic jam - lies the <em>Ciudad del Saber<\/em>, the City of Knowledge. When Panama was occupied by the United States, this base directly in front of the Miraflores locks was called Fort Clayton and \u2026<\/p>","pubDate":"Thu, 19 May 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-05-19:\/2016\/05\/19\/ppp-06-the-city-of-knowledge.html","category":"Personal"},{"title":"PPP #05 Taboga - The Island of Flowers","link":"https:\/\/spoons.fyi\/2016\/05\/15\/ppp-05-taboga-the-island-of-flowers.html","description":"<p>During a fair on stipends and opportunities to go abroad at the UTP I met some other interns and students of the uni! Amazing people from Portugal, Mexico, Honduras and Poland. We had a coffee together and got to know each other. They are very down to earth and easy-going \u2026<\/p>","pubDate":"Sun, 15 May 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-05-15:\/2016\/05\/15\/ppp-05-taboga-the-island-of-flowers.html","category":"Personal"},{"title":"PPP #04 Turning the Tides","link":"https:\/\/spoons.fyi\/2016\/05\/02\/ppp-04-turning-the-tides.html","description":"<p>A Monday. Got up early. Bought a Spartan breakfast (water and bread). Off we go to the uni! Work! Get shit done! Meet people! <em>\"Hoy est\u00e1 cerrado!\"<\/em>. I stand before closed doors, next to me a wildly gesticulating and almost shouting security guard crossing his hands. Yeah, right. Today was \u2026<\/p>","pubDate":"Mon, 02 May 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-05-02:\/2016\/05\/02\/ppp-04-turning-the-tides.html","category":"Personal"},{"title":"PPP #03 New Lands","link":"https:\/\/spoons.fyi\/2016\/05\/01\/ppp-03-new-lands.html","description":"<p>So today I moved out of Brigitte's house into the new apartment. Before coming here I had the choice between a single apartment with my own fridge and bathroom or a flat-share with ten other people with a shared bathroom and a community kitchen. I decided for the latter, because \u2026<\/p>","pubDate":"Sun, 01 May 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-05-01:\/2016\/05\/01\/ppp-03-new-lands.html","category":"Personal"},{"title":"PPP #02 A Helping Hand","link":"https:\/\/spoons.fyi\/2016\/04\/30\/ppp-02-a-helping-hand.html","description":"<p>Brigitte, my mentor, is an amazing person. She does not only give me a place to sleep. She also hooked me up with a SIM card so I have mobile internet connection. That way I can now navigate around the city and cry for help on WhatsApp should I ever \u2026<\/p>","pubDate":"Sat, 30 Apr 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-04-30:\/2016\/04\/30\/ppp-02-a-helping-hand.html","category":"Personal"},{"title":"PPP #01 Come Fly With Me","link":"https:\/\/spoons.fyi\/2016\/04\/28\/ppp-01-come-fly-with-me.html","description":"<p>This little series is about my \"travel\" to Panam\u00e1. I applied at IAESTE for an internship in the IT security department of the <em>UTP (Universidad Tecnol\u00f3gica de Panam\u00e1)<\/em>. Here, in my <em>P<\/em>ersonal <em>P<\/em>anama <em>P<\/em>apers I'll write down some of my experiences, problems and solutions while I find \u2026<\/p>","pubDate":"Thu, 28 Apr 2016 00:00:00 +0200","guid":"tag:spoons.fyi,2016-04-28:\/2016\/04\/28\/ppp-01-come-fly-with-me.html","category":"Personal"},{"title":"Saxon Switzerland in Autumn","link":"https:\/\/spoons.fyi\/2015\/11\/01\/saxon-switzerland-in-autumn.html","description":"<p>When you have the chance to study in Dresden, it's a <em>must<\/em> for every outdoor person to go hiking in the Saxon Switzerland. It's only ~30 minutes away from Dresden and you can get there for free with your semester ticket if you're enrolled at the local uni, Technische Universit\u00e4t \u2026<\/p>","pubDate":"Sun, 01 Nov 2015 22:24:00 +0100","guid":"tag:spoons.fyi,2015-11-01:\/2015\/11\/01\/saxon-switzerland-in-autumn.html","category":"Personal"},{"title":"The \"Pythonic\" GOTO","link":"https:\/\/spoons.fyi\/2015\/06\/15\/the-pythonic-goto.html","description":"<p>Nope, I'm not going to join the goto war. Even though it's shunned among developers, there are still some situations where it makes sense. A good friend of mine with a background in C recently came to me with a very simple problem that still made him scratch his head \u2026<\/p>","pubDate":"Mon, 15 Jun 2015 00:00:00 +0200","guid":"tag:spoons.fyi,2015-06-15:\/2015\/06\/15\/the-pythonic-goto.html","category":"Software"},{"title":"Performing Well at CodeFEST8","link":"https:\/\/spoons.fyi\/2015\/05\/22\/performing-well-at-codefest8.html","description":"<p>When we decided to enter the hackathon, some fellow students and I were in it for the fun. We had worked together before in a mandatory software project and wanted to revive the productive atmosphere of the good old times. Neither did we expect to <em>win in Dresden<\/em> nor did \u2026<\/p>","pubDate":"Fri, 22 May 2015 00:00:00 +0200","guid":"tag:spoons.fyi,2015-05-22:\/2015\/05\/22\/performing-well-at-codefest8.html","category":"Challenges"},{"title":"Some thoughts on the CodeFEST8 in Dresden","link":"https:\/\/spoons.fyi\/2015\/05\/12\/some-thoughts-on-the-codefest8-in-dresden.html","description":"<div class=\"pswp-gallery single-image\" data-gallery-id=\"gallery-0\">\n    <a href=\"\/blog\/some-thoughts-codefest8-dresden\/codefest8.gif\" data-pswp-width=\"468\" data-pswp-height=\"129\" target=\"_blank\">\n        <img src=\"\/blog\/some-thoughts-codefest8-dresden\/codefest8.gif\" alt=\"CodeFEST8 Logo\" class=\"\" \/>\n    <\/a>\n<\/div>\n<h4>What is it?<\/h4>\n<p>The <a href=\"http:\/\/www.group-it.volkswagenag.com\/codefest\/codefest.html\">CodeFEST<\/a> is a hackathon held by Volkswagen. Basically, you're joining a team and with the help of some mentors you tickle your brain for 26 hours of pure work until a great, innovative idea comes out. After reaching the deadline, you give a short five minute \u2026<\/p>","pubDate":"Tue, 12 May 2015 00:00:00 +0200","guid":"tag:spoons.fyi,2015-05-12:\/2015\/05\/12\/some-thoughts-on-the-codefest8-in-dresden.html","category":"Challenges"},{"title":"VPN with openconnect in Ubuntu 14.10","link":"https:\/\/spoons.fyi\/2015\/05\/12\/vpn-with-openconnect-in-ubuntu-1410.html","description":"<p>Many services that my university offers have one requirement: to be in a trusted network. That is either eduroam or any network where you can connect through a VPN tunnel. As sad as it is, I don't have an eduroam router next to my home. However, I ran into some \u2026<\/p>","pubDate":"Tue, 12 May 2015 00:00:00 +0200","guid":"tag:spoons.fyi,2015-05-12:\/2015\/05\/12\/vpn-with-openconnect-in-ubuntu-1410.html","category":"Software"},{"title":"Code Verification with Git Hooks and Flake8","link":"https:\/\/spoons.fyi\/2015\/05\/02\/code-verification-with-git-hooks-and-flake8.html","description":"<p>We all have that special someone in our life. Someone who dares to commit and push something like this into the master-branch:<\/p>\n<div class=\"highlight\"><pre><span><\/span><code><span class=\"kn\">import<\/span> <span class=\"nn\">math<\/span><span class=\"o\">,<\/span> <span class=\"nn\">os<\/span><span class=\"o\">,<\/span> <span class=\"nn\">sys<\/span>\n\n<span class=\"k\">def<\/span> <span class=\"nf\">test_function<\/span><span class=\"p\">(<\/span><span class=\"n\">one<\/span><span class=\"p\">,<\/span> <span class=\"n\">two<\/span><span class=\"p\">,<\/span>\n    <span class=\"n\">three<\/span><span class=\"p\">,<\/span> <span class=\"n\">four<\/span><span class=\"p\">,<\/span> <span class=\"n\">five<\/span><span class=\"p\">):<\/span>\n    <span class=\"kn\">from<\/span> <span class=\"nn\">test.utils<\/span> <span class=\"kn\">import<\/span> <span class=\"o\">*<\/span>\n    <span class=\"nb\">print<\/span> <span class=\"n\">x<\/span><span class=\"p\">;<\/span> <span class=\"nb\">print<\/span> <span class=\"n\">y<\/span>\n    <span class=\"k\">if<\/span> <span class=\"n\">two<\/span><span class=\"o\">==<\/span><span class=\"n\">three<\/span> <span class=\"ow\">and<\/span> <span class=\"p\">(<\/span><span class=\"n\">four<\/span><span class=\"o\">!=<\/span><span class=\"n\">five<\/span> <span class=\"ow\">or<\/span> <span class=\"n\">one<\/span><span class=\"o\">!=<\/span><span class=\"n\">three \u2026<\/span><\/code><\/pre><\/div>","pubDate":"Sat, 02 May 2015 00:00:00 +0200","guid":"tag:spoons.fyi,2015-05-02:\/2015\/05\/02\/code-verification-with-git-hooks-and-flake8.html","category":"Software"}]}}