Blog

Here you can find any useful bits of info I think might be useful to share, and a few rants about how to do security (and other things) properly.

Latest Post

Jan 12, 2021

Hacking Keycloak to Support TouchID/FaceID Authentication

Keycloak is an open source identity broker that allows you to combine user credentials from different providers (such as Google OAuth, LDAP, GitLab, etc.) as well as locally-stored credentials into a single authentication provider that can integrate with downstream applications using either SAML2.0 or OpenID Connect. I use it in my home lab as a single sign on provider using local accounts (I gave a talk about my setup at BSides Orlando 2020, check it out if you’re interested! Read more

All Posts

  • Hacking Keycloak to Support TouchID/FaceID Authentication - Jan 12, 2021
  • My 2020 Reading List - Nov 27, 2020
  • eLearnSecurity Pen Test Professional (PTP) Review - Jun 30, 2020
  • Hardening OpenVPN in 2020: Extra Credit - Jun 26, 2020
  • Hardening and Configuring OpenVPN in 2020 - May 5, 2020
  • OSCP & OSCE in 2020: A Retrospective - Apr 9, 2020
  • Importing VMWare Fusion VMs on ESXi 6.5 - Mar 21, 2020
  • A Better Windows 10+WSL SSH Experience - Dec 3, 2019
  • Creating TPM-Backed Certificates on Windows - Dec 2, 2019
  • PSA: Don’t Store 2FA Codes in Password Managers - Mar 18, 2019
  • 2FA: Not All Factors Are Created Equal - Feb 28, 2019