https://www.tavnets.com/Recent content in Adam Taveras on HomeHugo -- gohugo.ioenTavnets Security, LLC 2021Thu, 11 Jul 2024 10:49:38 -0400https://www.tavnets.com/blog/examples/Thu, 25 May 2023 11:59:33 -0400https://www.tavnets.com/blog/examples/Table of Contents: Sample Diagrams Mermaid References reCAPTCHA Fonts SVG Sample Diagrams gohugo 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 1 2 3 4 Mermaid Mermaid Mermaid Codeblock sequenceDiagram participant Alice participant Bob Alice->>John: Hello John, how are you? loop Healthcheck John->>John: Fight against hypochondria end Note right of John: Rational thoughts prevail! John-->>Alice: Great! John->>Bob: How about you?https://www.tavnets.com/blog/cybersecurity/Thu, 11 Jul 2024 10:49:38 -0400https://www.tavnets.com/blog/cybersecurity/ CyberSecurity Indexhttps://www.tavnets.com/blog/forgerock/Wed, 10 Jul 2024 11:59:33 -0400https://www.tavnets.com/blog/forgerock/Table of Contents: Swagger ForgeRock Nodes Debuging Debug Node Debug Script RestAPI Swagger ForgeRock Swagger ForgeRock Nodes NOTE: Bulding a node out of a JavaScript and importing it into the web-container webapps is apparently faster at rendering than using JS scripts inside of a journey. From what I have been told. I am still pending the ability to time it out and discover the delay between an imported node from a jar vs writting out a JavaScript and referencing it into a journey.https://www.tavnets.com/about/resume/Mon, 08 Jul 2024 15:36:32 -0400https://www.tavnets.com/about/resume/ Previous Next     Page: / Contact Mehttps://www.tavnets.com/blog/python/python-toolkit/Sat, 25 May 2024 21:33:31 -0400https://www.tavnets.com/blog/python/python-toolkit/PyToolkit Table of Contents: Installation ToolKit Utilities ToolKit Dataclasses Maniuplating Dictionaries Utilities Internet Utilities Splunk Upload Python General tools Installation Package found at PyPi Code found at GitHub >>> python -m pip install pytoolkit928ToolKit Utilities string_or_list function allows you to interpret a string and return a list. It provides you the option of adding a delimiter using an OR function to return a possible string that you may be expecting possible common delimiters.https://www.tavnets.com/blog/dnsproxy/Sat, 09 Mar 2024 13:15:50 -0500https://www.tavnets.com/blog/dnsproxy/DNSCrypt Proxy Table of Contents: DNS Crypt Proxy References Crontab Updates DNS Crypt Proxy References DNScrypt-proxy project DNSCrypt + Pi-Hole Crontab Re-populate any block lists and restart service to import the new generated lists. # Re-populate the blacklist add any addtional lists to subscribe to 30 */2 * * * python $HOME/generate-domains-blacklist.py -c /etc/dnscrypt-proxy/domains-blocklist.conf -o /var/cache/dnscrypt-proxy/dnscrypt-blocklist-domains.txt # Reload DNS Crypt to update list 45 */5 * * * systemctl stop dnscrypt-proxy.https://www.tavnets.com/blog/python/python-setup/Sat, 09 Mar 2024 13:06:20 -0500https://www.tavnets.com/blog/python/python-setup/Python Setup Table of Contents: Pyenv Installing Pyenv Installing Pyenv with Debian Poetry Poetry Installation Pyenv Tool used to manage multiple versions of python installed on a system to easily switch between python versions. Installing Pyenv Using zsh shell instead of bash. Add to ~/.zshrc and ~/.zprofile: # Add pyenv executable to PATH and # enable shims by adding the following # to ~/.profile and ~/.zprofile: export PYENV_ROOT="$HOME/.pyenv" export PATH="$PYENV_ROOT/bin:$PATH" export PATH="$HOME/.https://www.tavnets.com/blog/security/api/Fri, 31 Mar 2023 15:55:53 -0400https://www.tavnets.com/blog/security/api/API Security Checklist download Previous Next     Page: /https://www.tavnets.com/blog/aquasec/Tue, 07 Mar 2023 16:42:47 -0500https://www.tavnets.com/blog/aquasec/updated: 2023-04-27 Introduction Aqua Security SDK to interact with Workload Protection and CSPM. Aquasec Security SDK GitHub Project = aquasec-api python -m pip install aquasec-apiEarly Testing Pre-Release: pip install -i https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple aquasec-api==v0.0.1rc1See Python Package Index See Test Python Package Index Aquasec Security CLI Additionally there is a aquasec security cli that can accompany the SDK. Installing it is still under works, but allows for installation and ability to run directly from the CLI.https://www.tavnets.com/blog/long_running_api/Sun, 27 Nov 2022 11:58:47 -0500https://www.tavnets.com/blog/long_running_api/Updated: 2022-11-27 Description I have come across many issues where I need async API calls, but not just to run multiple calls, but to also run long running tasks that I just need to check the status of. I have been leveraging NATS to handle message queuing between systems see: Python NATS Github Repo and information on NATS Project . Unfortunately, I’ve run into some issues with how to handle messaging through API calls.https://www.tavnets.com/blog/security/prisma_sase/Thu, 10 Nov 2022 19:51:23 -0500https://www.tavnets.com/blog/security/prisma_sase/updated: 2023-02-23 Introduction Working on developing an SDK to leverage our orchestration internaly that will assist with auto security policy and deployment with the Palo Alto Prisma SASE project. Python Package GitHub Project - Prisma-Access-SASE python -m pip install prisma-access-saseSee Python Package Index for README.md docs and usage of package. See Test Python Package Index for current beta/alpha releases.https://www.tavnets.com/blog/security/waf/Sun, 11 Sep 2022 19:55:58 -0400https://www.tavnets.com/blog/security/waf/Overview What is a Web Application Firewall? A web application firewall (WAF) is a specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service. By inspecting HTTP traffic, it can prevent attacks exploiting a web application’s known vulnerabilities, such as SQL injection, cross-site scripting (XSS), file inclusion, and improper system configuration. 1 Many basic security measures are applied in a WAF are supported by the Open Web Application Security Project (OWASP) owasp.https://www.tavnets.com/blog/security/cyber_mapping/Sun, 11 Sep 2022 14:27:13 -0400https://www.tavnets.com/blog/security/cyber_mapping/updated: 2024-04-17 Description I came across this and find it very useful in a breakdown of all the different ways to reference security standards and where/how they are applied. I find this a lot easier to comprehend and digest than going through the CISSP in some circumstances. I’ll be uploading pieces of it as I find the best way to display the inforomation. Sections Include: Overview Risk Managment Network Security Access Management Application Security Data Security Operational Security BCDR Department of Defense Risk Mangement Framework Cloud Frameworks Container Security Application Container Security Guide See Also: RestAPI NOTE: Working on a cloud section.https://www.tavnets.com/blog/going_cloud/Sun, 04 Sep 2022 10:35:30 -0400https://www.tavnets.com/blog/going_cloud/Cloud Considerations updated: 2023-02-24 Table of Contents: Overview Considerations Where do I start? Cloud Native vs Cloud Agnostic Nework Segmentation & Hiearchy Network Segmentation Network Hierarchy Security Firewall Cloud Workload Protection Protect Your Cloud References Overview Going to the cloud can be a difficult journey and has a lot of obsticles around it. Let’s try to break down those obsticles leveraging publications and information readily availble to help you get through your cloud journey.https://www.tavnets.com/blog/python/palo_api/Sun, 28 Aug 2022 07:20:23 -0400https://www.tavnets.com/blog/python/palo_api/updated: 2023-04-17 Palo Alto API Working with Palo Alto Firewall and the official SDK I found it difficult to get the info I wanted in the format I needed in some casees. So, I begain writting out some code that would handle the work for me. Github project How to Use Install the package which has been tested mostlyon 3.8+ python -m pip install paloaltoapiConfiguration Variables Use environment variables for configurations:https://www.tavnets.com/blog/paloalto_cloud_ngfw/Thu, 25 Aug 2022 14:57:36 -0400https://www.tavnets.com/blog/paloalto_cloud_ngfw/updated: 2022-09-07 (Under Construction) Introduction Palo Alto announced direct NGFW Cloud integration with AWS as well as AWS announcment back in March of 2022. This is a really new product that integrates AWS Firewall Manager with Palo Alto NGFW. I am still reviewing it, but here are some initial docucmentations around it that I’ve been looking at and evaluting and this is a PDF with a brief overview: Palo Alto Cloud NGFW (file removed due to NDA)https://www.tavnets.com/blog/paloalto_aws/Thu, 14 Jul 2022 12:52:38 -0400https://www.tavnets.com/blog/paloalto_aws/updated: 2022-09-08 (under construction…) Introduction Description: I wanted to review the best practices to inpsect AWS traffic and how this would be architected. I ended up going through a few iterations of different designs and the pros and cons of each. This is a space on some of those designs and online resources I used. I hope this becomes a sort of one stop shop in evaluating different methodoligies that can be leveraged to secure an AWS Cloud solution.https://www.tavnets.com/blog/pa-rest/Sun, 16 May 2021 13:05:21 -0400https://www.tavnets.com/blog/pa-rest/orig: 2021-05-15 updated: 2022-08-28 Introduction Description: I was using the PaloAltoNetworks Github project, but wanted to customize it and also was looking at adding it to some internal projects and try to understand what I was doing. My original code was built around Palo Alto’s XML API, so I’ve been updating it against Palo Alt’s newer version since updating their API (begining in PanOS 9.0 release see PAN-OS Documents ) to use REST API Request and Response Structure, which, I feel, made it a lot easier to interact with.https://www.tavnets.com/blog/microsoft/Sat, 15 May 2021 18:23:45 -0400https://www.tavnets.com/blog/microsoft/updated: 2022-08-21 Microsoft Project Description: I’ve been been looking for ways to enhance Microsoft O365 traffic that has generally always had to flow through an Enterprise Proxy. Pouring through online documentations to find out what traffic needs to go direct without being inspected. my git repo for microsoft_pac Resources Office 365 IP Address and URL web service Office 365 URL categories to help you optimize the network traffic which really matters Generate Office 365 PAC Files with PowerShell Use tenant restrictions to manage access to SaaS cloud applications Use tenant restrictions to manage access to SaaS cloud applications Python Currently I’m working on a project that will allow sync between all the different services that Microsoft requires.https://www.tavnets.com/blog/ent-certs/Sat, 15 May 2021 17:30:27 -0400https://www.tavnets.com/blog/ent-certs/Table of Contents: Customizing SSL Certificates Overview Sample Code Customizing SSL Certificates Description: In an Enterprise environment, where we are decrypting traffic for inspection or using interanally signed certificates, I’m constaintly running into SSL Errors. They are generally legitimate and always have a reason, but to minimize this I either directly use a custom CA or I use something like the below where I can leverage publicly known Trusted CA’s with a Custom Trusted CA.https://www.tavnets.com/blog/security/dnsfirewall/Sat, 01 May 2021 13:06:43 -0400https://www.tavnets.com/blog/security/dnsfirewall/Description: Set up a personal DNS Firewall. Overview: In working with Infoblox DNS BloxOne Deployment I got to thinking why not deploy this on my own network to get an inexpensive way to control DNS requests. Here I ended up deploying a Primary and Secondary DNS Bind9 Server running on physical and virtual Ubuntu Servers. I leverage ioc2rpz to sync community available RPZ’s then we leverage DNSCrypt-Proxy project configuring a local listener that will send Recursive DNS lookups using DNSoverHTTPS.https://www.tavnets.com/blog/paloalto/Mon, 12 Apr 2021 21:51:46 -0400https://www.tavnets.com/blog/paloalto/updated: 2022-08-28 PaloAlto Shareshttps://www.tavnets.com/blog/python/python_corner/Fri, 26 Mar 2021 13:23:45 -0400https://www.tavnets.com/blog/python/python_corner/updated: 2024-05-18 Table of Contents: Handling Certificates with Python Using PIP Config Setting PIP Configuration PIP Configuration Locations Handling Certificates in code PEP 476 - Enabling Certificate Verification Handling Certificates with Python StackOverflow: How To Add A Custom CA Using PIP Config A quick way to set Python configuration is to set it in the pip.conf which contains NOTE: Python uses a hierarchy to search for the configuration file and what takes presedence.https://www.tavnets.com/photography/city/Sun, 21 Mar 2021 09:17:25 -0400https://www.tavnets.com/photography/city/New York City Photoshttps://www.tavnets.com/photography/installations/Sun, 21 Mar 2021 09:17:25 -0400https://www.tavnets.com/photography/installations/City installations and freephotos Ray Bans Grafiteehttps://www.tavnets.com/photography/nature/Sun, 21 Mar 2021 09:17:25 -0400https://www.tavnets.com/photography/nature/Georgia Pond Central Park Hudson Yards