Tuesday, January 15, 2019

[Links of the Day] 15/01/2019 : Incident Response best practice, Database Schema Crawler, Fingerprinting TLS

  • ja3 : something I discovered recently. Apparently, you can fingerprint SSL and TLS session in order to identify the service being run behind the encrypted socket. Really awesome if you want to spot malware or bitcoin miner on your network. Or pretty much any other services as long as you have a fingerprint to compare with.
  • SchemaCrawler : a cool tool for database schema discovery. This is a must when you have to take on board a legacy DB system that lacks clear documentation. 
  • Incident response : pager duty open sourced they incident response process. This is a really great set of tools, process and best practice for incident response. What is even more eye-opening is the part the describe the incident resolution scenario that didn't work and point out some great anti-patterns. A must read for any SRE team out there and anybody else that has an on-call duty and their managers.


Thursday, January 10, 2019

[Links of the Day] 10/01/2019 : High performance stream engine, Golang security links and a modern back orifice written in Go


  • Trill: high-performance one-pass in-memory streaming analytics engine. This seems like a highly versatile and performant streaming engine. The team behind it is making some bold claims regarding its capability ( see table below). I think that this architecture is promising, however, the .net language might put some people off.
  • Go Security link : loads of golang related security links 
  • Merlin : a cross-platform command and control server and agent. If you have used back orifice in the 90s. You will know what this tool offers :)



Tuesday, January 08, 2019

[ Links of the Day] 08/01/2019: Turn video into comics, Social impact of IoT, and Microservices orchestration DSL


  • Comixify: Transform video into a comics with the power of machine learning. This is a really cool concept and the results are surprisingly good.
  • A Storm in an IoT Cup : the authors look at the emergence of social machines where human interactions and relationship is made increasingly more complex with the rapid adoption of the Internet of Things. 
  • Baker : a library by ING bank that aims at reducing the efforts to orchestrate (micro)services process flows. The objective is to bring everybody from the product owners, architects and developers to talk the same language by relying on a unique service based processed workflow. While in itself it is not revolutionary. The DSL principle allows greater reusability of microservices as well as facilitating the comprehension and review of complex workflows.