PinnedDmitrii PushkarevExtend OpenVPN features. Magic scriptsWe are all familiar with OpenVPN and its many features, but not everyone is aware of the possibility of extending these features by using…Aug 28, 2023Aug 28, 2023
Dmitrii PushkarevAWS IAM Roles Anywhere with PKCS11 support (YubiKey)Hi everyone! AWS recently launched the ‘Roles Anywhere’ feature, enhancing security by allowing the use of short-term credentials instead…Apr 21Apr 21
Dmitrii PushkarevVulnerability Management with FleetDM and SplunkHi everyone! I won’t describe what it is and how to install it, I’ll just say it’s a great soft. You can find a lot materials in the…Feb 27Feb 27
Dmitrii PushkarevHow to automate getting access credentials from AssumeRoleWithSAML for AWS CLIHi everyone! In my case I have Keycloak as an Identity provider in AWS and several configured roles. There is no problem when we login in…Feb 24Feb 24
Dmitrii PushkarevIdentifying Asana Desktop Clients Vulnerable to CVE-2023–49314 with Splunk.One day I received the notification about new vulnerability in Desktop version from Asana. They spoke about CVE-2023–49314. In theory…Feb 10Feb 10
Dmitrii PushkarevThe Hidden Risks of Personal API Keys in Cloud ServicesIn the digital age, cloud services like Confluence, Asana, BambooHR and various messaging platforms have become integral to our daily…Feb 5Feb 5
Dmitrii PushkarevCURL Client Authentication using certificates from smartcard.Hi. In this story I will explain how to make HTTP requests in CURL using smart card certificates, in my case yubikey.Jan 30Jan 30
Dmitrii PushkarevHow to collect Asana audit logsHi! Yes, Asana has a special API endpoint for log collection. You can find information about it here — Audit log API and Supported audit…Jan 25Jan 25
Dmitrii PushkarevYubiKey SSH authenticationHi everyone! Today I’ll show how can we authenticate to a server over SSH using a YubiKey, without changing the server’s existing SSH…Jan 23Jan 23
Dmitrii PushkarevYubiKey AttestationI appreciate YubiKey for its exceptional security features, particularly the attestation capability which allows for remote verification…Jan 22Jan 22