@joohoi

Hacks for beer. FOSS, infosec and privacy. Chaotic good. Managing a red team at @visma

Check out the blazing fast web fuzzer I wrote in Go! https://github.com/ffuf/ffuf

It enables you to work with many things that typical directory busters don’t handle, for example fuzzing HTTP headers, matching or filtering by regex matches against response body.


I just pushed a #Certbot authentication hook for acme-dns for securing the ACME DNS challenge validation with #letsencrypt

It’s available at https://github.com/joohoi/acme-dns-certbot/


Now that Let’s Encrypt offers wildcard certificates, the DNS challenge method is seeing more use than previously.

Remember that storing DNS zone credentials used for the automation directly on the boxes makes things get ugly really fast if one of those boxes gets compromised!

Some time ago I wrote a blog post going through different ways and levels to mitigate the issue. Readers are expected to have some basic knowledge of DNS:

https://www.eff.org/deeplinks/2018/02/technical-deep-dive-securing-automation-acme-dns-challenge-validation

A Technical Deep Dive: Securing the Automation of ACME DNS Challenge Validation

@turumore @jaranta @make @aninapartanen Sounds promising, I'll be following with interest. The local timeline could really be useful.

My 3yr old on what she wants to become when grown up;

fireman, pirate or a fox.

She's gonna end up just fine.

@turumore 3 afterwards naturally.
@turumore
2, then 1. Wake up refreshed.
@make @aninapartanen @turumore
Ping @jaranta, who was asking about this topic recently.

@bcrypt always dance when unlocking your phone! Would result in overall more positive tone of everyday communications as a side effect!

🕺

Also looking forward to seeing "don", a #mastodon instance in #golang, growing :)

https://github.com/deoxxa/don