Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community.
#security #infosec
https://github.com/dstotijn/hetty

Мы в VictoriaMetrics наконец-то готовы представить vmanomaly - machine learning составляющую мониторинга VictoriaMetrics:
https://medium.com/@VictoriaMetrics/anomaly-detection-in-victoriametrics-9528538786a7

Another useful tool, this time for testing web apps, comes to the Python world from Microsoft. Definitely worth your time to check it.
BTW It’s Friday today
https://devblogs.microsoft.com/python/announcing-playwright-for-python-reliable-end-to-end-testing-for-the-web/

ну здрасьте
попробуйте в телеграфе, статсд или экспортере что-то помотать или посмотреть визуализацию метрик
естественно писать в тот или иной сторадж и оттуда смотреть - https://dou.ua/lenta/articles/linux-monitoring-with-netdata/

On the most common Terraform pitfalls

And you can found 1-2 pitfalls that you have no time covered before.

Also, check tfmodvercheck - it can be useful.

#terraform

HasiCorp представили свой новый продукт - Boundary - систему для доступа к удаленным ресурсам по trusted identity.

Продукт сейчас в активной разработке и версии 0.1
Но уже обещают добавить OIDC аутентификацию, интеграцию с Vault, поддержку динамических каталогов из Consul, AWS, Azure и GCP

#security #hashicorp

▶️ 34 видео с PowerShell Conference EU 2020
https://www.youtube.com/playlist?list=PLDCEho7foSooQwf9xWeuY9P6ESfA7bJ5C

Для тех, кто предпочитает смотреть про #PowerShell в оригинале. В ролях Jeffrey Snover, Steve Lee, Adam Driscoll и другие 👌

+ jq — CLI JSON processor written on С. Allows to extract data from JSON, modify it, supports math, variables, regexes, even has a lot of built-in functions. Installable from Debian repositories.

+ jqplay.org — online playground for jq. Great to try it, debug expressions, have a handy cheat sheet.

+ gjson — must-have Go library to get values from a complex deeply nested JSON. Has a simple and intuitive syntax.

+ jj — CLI tool written on Go, wrapper around gjson. Hence less powerful than jq but much simpler and more friendly.

#golang #cli

What happens when you type google.com into your browser and press enter? — long-read Journey about system calls, network protocols and Internet internal. A great reading and a good interview question.

Debugging Go in prod using eBPF is a fun article about inserting a breakpoint into a working binary on Go (on any language, actually) and tracking value in a function. It helps debug on production, like in Elixir or Nodejs. It wouldn't help much if you want to track a bit more than one value in one place but it's a good start.

The post is a kind of pre-announce of Pixie. This is going to be a tool that will allow you to track values and debug on production. In particular, they are targeted on k8s, for whatever reason. Their scripting language PxL is... Well, it is Python.

Kontra OWASP Top 10 is a collection of free interactive tutorials about most popular vulnerabilities and some recent security incidents. Beautiful, clickable, illustrative.

The Zen of Go — 10 good ideas from Dave Cheney on how to write better Go code. Short and useful.

#golang

YAML Multiline — a quick cheat sheet on multiline strings in YAML because it's not that simple. I guess I use this site too often for such a trivial task >.<

#yaml

Знакомство с Debezium — CDC для Apache Kafka / Флант / Хабр
https://m.habr.com/ru/company/flant/blog/523510/