dotfiles - A Treasure Trove

What are dotfiles? Dotfiles, for the context of this blog, are a collection of files, often starting with dots (as the name implies) where users (developers, system admins, etc) store their personalised configurations for a variety of software. These dotfiles are often pushed to a git repository and contain configuration files for software such as Vim, VSCode, Zsh, .aliases, git, and so on. A common use case for dotfiles is when users join new companies and get issued a work laptop....

May 26, 2024 · 3 min

Credential Harvesting via Postman

Postman is an API platform for developers to design, build and test their APIs. The platform allows users to work in teams and organizations, giving users the option to share their workspace over the Internet. One of the features includes the ability to organize requests (GET, POST, PATCH, etc) on different ‘pages’, with the option to define request parameters, headers, authorization, body and tests. The issue at hand comes into play when request parameters are directly populated with values such as passwords, API tokens and secrets, combined with a workspace which has been shared publicly....

August 28, 2022 · 2 min