Tuesday, December 30, 2014

Search the web from Splunk using Faroo

I have been away for a while, but been very busy at Github. Just wrapped up a app for Splunk that allows you to search the web using key words from a specific Splunk field. Primary use for this is to rank up items that might have been indexed by a web service like Faroo. Also to add further context on the fly when doing investigations.

See the code at:


I just submitted to https://apps.splunk.com for approval.

Tuesday, June 3, 2014

Generating Elliptical Curve (EC) Key/Pair

Just finished a post over at Splunk blog regarding using EC (Elliptical Curve) certs with in Splunk. Although the explanation was geared towards someone deploy the keys in a Splunk deployment the key pair could be used in any situation (proxy, web server etc..)

Here is the TL;DR summary of the post:

Generate a New Elliptical Curve CA key and Cert
openssl ecparam -out ca-key.pem -genkey -name prime256v1
openssl req -x509 -new -key ca-key.pem -out ca-cert.pem

Generate Servers Private key and CSR
openssl ecparam -out server-key.pem -genkey -name prime256v1
openssl req -new -key server-key.pem -out server-csr.pem

Generate Public Certificates:
openssl x509 -req -days 365 -in server-csr.pem -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem


If you want to test your keys. Start a web server with the following openssl command.
openssl s_server -www -key server-key.pem -cert server-cert.pem -CAfile ca-cert.pem -state

Then, try to connect to
openssl s_client -connect

Friday, May 9, 2014

Nexpose Python Client Library

Just wrapped up a client library for Nexpose. I forked one already created, but added custom reporting support to it, which was a feature that a friend was requesting. Hope it helps anyone else running this as their Vulnerability scanner.


If there are any errors, or issues with it please feel free to ping me at @divious_1