Links to Process

https://www.scmagazine.com/home/reviews/overviews/sw-labs-overview-attack-surface-management/

https://www.swagup.com/

https://www.youtube.com/watch?v=_ih-drNEOT8

https://web.dev/learn/css/ https://www.tweetshelf.com/?mc_cid=63f38dd5b1&mc_eid=cc1b4fe73e https://fig.io/?ref=hn

https://github.com/cr0hn/dockerfile-security/tree/master/dockerfile_sec/rules

https://resources.github.com/appsec/?/utm_source=github&utm_medium=email&utm_campaign=enterprise_newsletter_june

https://vimeo.com/561372404?mc_cid=d6558bceb7&mc_eid=4459168e65

https://blog.google/technology/safety-security/new-advanced-protection-program-account-security-instant/


The Beer Drinker’s Guide to SAML | Duo Security https://xkcd.com/1700/ https://twitter.com/joshuapeskay?lang=en

That is me, but I’m not active on any social - so no need to tweet at me. Appreciate it though!

https://www.linkedin.com/posts/holycyberbatman_cyber-securitymanagement-devsecops-activity-6788614419745140736-SI55

https://media.superhuman.com/images/_/https%3A%2F%2Fmedia.sailthru.com%2Fcomposer%2Fimages%2Fsailthru-prod-6ks%2Fgdoc.png

https://cdn.substack.com/image/fetch/f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2F4ca9d32f-6a97-4e50-9d79-4a8adb894365_1532x1874.jpeg

  • What the smartest people do on the weekend, everyone else will do during the week in 10 years

http://www.pathsensitive.com/2021/03/developer-tools-can-be-magic-instead.html

https://parsiya.net/blog/2021-03-17-attack-surface-analysis-part-2-custom-protocol-handlers/

https://www.pentagrid.ch/en/blog/burp-suite-hackvertor-custom-tags-email-sms-tan-multi-factor-authentication

https://snyk.io/blog/defining-developer-first-container-security/


https://www.vdoo.com/blog/python-wheel-jacking-supply-chain-attacks

https://github.com/ES-Community/nsecure

H/T Yoann https://writing.kemitchell.com/series/line-by-line.html

https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/?

https://github.com/revolist/revogrid

https://www.geoffreylitt.com/wildcard/


  • [[https://darknetdiaries.com/stats/][Stats – Darknet Diaries]]
  • [[https://hackerbits.com/issue/hacker-bits-issue-60/][Hacker Bits, Issue 60 - Hacker Bits]]


  • [[https://github.com/fastai/fastpages][fastai/fastpages: An easy to use blogging platform, with enhanced support for Jupyter Notebooks.]]

https://www.canva.com/design/DAESBO5RCnw/IIvHNNbmQxFrIBn-dQx4Jw/view?utm_content=DAESBO5RCnw&utm_campaign=designshare&utm_medium=link&utm_source=sharebutton&ck_subscriber_id=185985893#1 https://twitter.com/lennysan/status/1347642519220232192

https://r2c.quip.com/QF8tAErblBkB/2021-Professional-Goals

https://www.goodreads.com/book/show/41881472-the-psychology-of-money

https://www.youtube.com/watch?v=WBYUr62excM&feature=emb_title

https://openai.com/blog/dall-e/

https://stripe.com/docs/stripe-vscode https://twitter.com/auchenberg/status/1349772997993910272


  • [[https://www.amazon.com/dp/B0189VJEFI][Amazon.com : Cubii Pro Seated Under Desk Elliptical Machine for Home Workout, Pedal Bike Cycle Motion, Bluetooth sync Fitbit & Apple, Whisper Quiet, Compact Mini Exerciser w/Adjustable Resistance & LCD, Noir : Sports & Outdoors]]

Emacs From Scratch #6 - Organize Your Life with Org Mode https://youtu.be/PNE-mgkZ6HM?t=868

https://uglyemail.com/ samy

https://www.youtube.com/watch?v=n7WOn8seVIk

https://www.rumble.run/ - TODO chat w/ HD moore - commercializing open source

thread on SaaS startups - https://twitter.com/HammadH4/status/1323400874673147904

respond to bug finding thread - https://twitter.com/dmolnar/status/1323488216733929473 https://cs.au.dk/~amoeller/spa/spa.pdf

Respond to Xavier Garceau-Aranda LI Thanks for reviewing your email history. Huh, that’s so strange lol 😆 Really not sure what’s happening to be honest, but I guess something to keep in mind and

Include Hacker Laws + Daniel Miessler Concepts

How to Grow Your Business by Writing: Sahil Lavingia + David Perell

Madame Vivelda - SNL

Lis Sørensen - Brændt (Official Music Video) - Torn cover by Natalie

TODO imagery from Bardcore helper website - https://htck.github.io/bayeux/#!/

Security Conversations: Sounil Yu, Cyber Defense Matrix
TODO: copy notes from org mode re: security patterns and business constraints.

TODO velocipastor intro

Talk to Each Other Laura and Rick Hall

Explaining what tl;dr sec is to my mom. Of course, when it clicked, she was so happy she dabbed.

https://media.superhuman.com/images/_/https%3A%2F%2Fsailthru-media.s3.amazonaws.com%2Fcomposer%2Fimages%2Fsailthru-prod-6ks%2Fposter.png

https://thenounproject.com/

https://observablehq.com/ https://retool.com/

https://jvns.ca/blog/2020/10/26/ninja–a-simple-way-to-do-builds/?mc_cid=3512bae25b&mc_eid=cc1b4fe73e

Sales

  • https://www.harrisonmetal.com/library/pricing-1-thank-you-kahneman-amp-tversky
  • https://www.harrisonmetal.com/library/pricing-2-thank-you-robert-dolan
  • https://www.harrisonmetal.com/library/pricing-3-assortments-are-for-winners

https://metatags.io/

https://www.reddit.com/r/devsecops/comments/j72yob/hcl_appscan_toolset_review/

https://www.mkdocs.org/

https://gumroad.com/l/doing-content-right

Respond to LI: https://www.linkedin.com/feed/update/urn%3Ali%3Aactivity%3A6720245146102956032/

Tool master list: https://twitter.com/StaticFlow/status/1160601859834302464

TODO: copy scott notes from gmail draft to braindex

scraping as a service: https://twitter.com/_glnarayanan/status/1306251360833167360 https://www.openfaas.com/blog/puppeteer-scraping/

laura hall - https://www.youtube.com/watch?v=s7JGyrDbsBY&feature=youtu.be

download to braindex - https://r2c.quip.com/ocBSA89umbPl/Research-on-Snyk-cheat-sheet-promotion

http://cseweb.ucsd.edu/~hpeleg/resl-oopsla20.pdf

https://www.youtube.com/watch?v=SOrPjsWdclo&feature=youtu.be&mc_cid=970356fcef&mc_eid=cc1b4fe73e - Daniel Miessler Ashish podcast

How to read and why https://www.amazon.com/How-To-Read-and-Why-Harold-Bloom-audiobook/dp/B001J6XF9M/ref=tmm_aud_swatch_0?_encoding=UTF8&qid=&sr=&mc_cid=970356fcef&mc_eid=cc1b4fe73e

Gator Frameworks Deluxe Desk-Mounted Broadcast Microphone Boom Stand For Podcasts & Recording; Integrated XLR Cable (GFWBCBM3000) https://www.amazon.com/gp/product/B082YHPC3Z/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1&mc_cid=970356fcef&mc_eid=cc1b4fe73e

  • recommended by Daniel Miessler

spacemacs update packages - https://www.spacemacs.org/doc/DOCUMENTATION.html#update-packages

CodeQL frustrations - https://news.ycombinator.com/item?id=24646960

Managing the assets of your career bsidessf - https://www.youtube.com/watch?v=R4WLuZGeNo4&list=PLbZzXF2qC3RvlcHIxrqrsN1XhwHX8SQ-g&index=28

current BSidesSF - https://www.youtube.com/watch?v=R4WLuZGeNo4&list=PLbZzXF2qC3RvlcHIxrqrsN1XhwHX8SQ-g&index=28

https://www.cnbc.com/2020/10/07/stanford-professor-not-optimistic-about-work-from-home-economy-ticking-time-bomb-for-inequality.html https://plausible.io/blog/open-source-licenses

https://fortelabs.co/blog/my-complete-gear-kit-for-filming-a-personal-documentary/ https://fortelabs.co/blog/the-complete-guide-to-landing-a-book-deal/

TODO rule https://github.com/alibaba/anyproxy/blob/b93f948107b956e07c7b68faeff0c777a1f50486/lib/httpsServerMgr.js#L4 https://semgrep.dev/s/clintgibler:tmp

https://r2c.quip.com/nzitAHRaobaz/20200924-Automating-Threat-Modeling-Jacob-Salassi-Joe-Bollen https://www.linkedin.com/feed/update/urn:li:activity:6715007788592062464/

https://r2c.quip.com/PBYPA6VxV9if/20200923-Apple-Bei-Yuan

https://r2c.quip.com/guGXAcJO3dnP/20200918-Latacora-ClintTomek-Rabczak-Sync

https://www.amazon.com/Data-Reality-Perspective-Perceiving-Information/dp/1935504215 https://twitter.com/_glnarayanan/status/1306251360833167360

https://www.youtube.com/watch?v=hYyRrYwfy3k

https://www.youtube.com/playlist?list=PLH15HpR5qRsUL_cfIgSo7UcWml-WOSxoR https://www.blackhat.com/asia-20/briefings/schedule/ https://www.blackhat.com/asia-21/briefings/schedule/

https://www.dailydot.com/debug/donotpay-photo-ninja-facial-recognition/ https://github.com/minimaxir/hacker-news-undocumented

https://github.com/open-policy-agent/library https://github.com/open-policy-agent/gatekeeper-library/tree/master/library/pod-security-policy/apparmor

[Passwordless deployments to the cloud The GitHub Blog](https://github.blog/2023-01-11-passwordless-deployments-to-the-cloud/?ck_subscriber_id=1509582773)

Fine-Grained RBAC For GitHub Action Workflows With GitHub OIDC and HashiCorp Vault

[GitHub Actions - Updating the default GITHUB_TOKEN permissions to read-only GitHub Changelog](https://github.blog/changelog/2023-02-02-github-actions-updating-the-default-github_token-permissions-to-read-only/)