Welcome

This site contains articles and posts I’ve written over the years on career and technical matters. You can also check out past presentations I’ve given at various hacker and cyber security conferences.

RedHat Summit 2017

 Posted on May 5, 2017  |  2 minutes  |  336 words  |  David Mitchell

Now I’m sitting on a plane, heading back to my family. I just got through with the RedHat Summit 2017 in Boston and I also visited some of my family while there. It was an intense 3-4 days. I generally love Boston, and also Cambridge across the river. While I was there, I took a visit over to the MIT Press Bookstore, and bought a few books, including Grokking algorithms which was a book that I already had on my wishlist, but wasn’t one I could find in the store anywhere else. [Read More]
devops  linux  open source  containers  cloud 

Teaching my Kids

 Posted on April 22, 2017  |  3 minutes  |  437 words  |  David Mitchell

I have only two kids at this point and for the foreseeable future. Both are fairly young, but one is getting old enough that I’m starting to think about teaching her some of the basic programming and STEM related subjects fairly early. She already is quite taken by Minecraft, and can navigate the computer pretty well even if she doesn’t yet know all the keys on the keyboard. She knows how to move and do things, etc. [Read More]
parenting 

Dealing with and exploiting Struts

 Posted on March 26, 2017  |  3 minutes  |  570 words  |  David Mitchell

I’m sitting on a plane waiting for my delayed flight to Boston listening to Adam Savage rant about Apple’s lack of ease of use (of which I totally agree). I figured it was the perfect time to finish this blog. Oh yeah, why am I on a plane? I’m heading to Red Hat Summit 2017. I might write about that later. In like a year or so. Yes, I back dated this if you realize the RH Summit is in May, but I’ve been meaning to write this post for over a month. [Read More]
infosec  security 

2016

 Posted on February 23, 2017  |  3 minutes  |  450 words  |  David Mitchell

2016 has been another crazy year for me, and 2017 is just as crazy. I’ve been putting off updating my site for a while (a whole year). So here is a summary update of just some of the things I’ve been working on for 2016 and the first few months of 2017. Certifications: I am now a Puppet Certified Professional 2016, I guess if its not obvious, I’ve been working even more heavily with Puppet, going to training, writing modules, etc. [Read More]
websphere  puppet  infosec  security 

CarolinaCon 12

 Posted on March 7, 2016  |  2 minutes  |  398 words  |  David Mitchell

I gave another talk for this year’s CarolinaCon 12 called “Never Go Full Spectrum Cyber”. For this talk I focused on mistakes “hackers” and even some InfoSec professionals have made and then a short summary at the end of OpSec lessons that could have prevented the mistakes covered earlier in the talk. The talk slides are here. [UPDATE: The talk video is here.] I referenced OpSec work and talks done by the grugq. [Read More]
hacking  security  infosec  opsec 

Eucalyptus

 Posted on September 15, 2015  |  1 minutes  |  186 words  |  David Mitchell

I recently started with a new company doing more of the role I was in at my previous job focused on J2EE applications, etc. However, I additionally ended up taking over management of Eucalyptus which is an AWS compatible cloud solution. It’s been an exciting change of pace over configuring, troubleshooting, and restarting JVM’s. I’ve worked heavily with it and its underlying open source components that it utilizes like KVM, qemu, S3 (which this site is hosted on an S3 bucket), creating new images (using packer and some fancy script-fu I’ve got it fully automated), and customizing them. [Read More]
cloud  devops  linux 

DefCon 23 and BSides LV

 Posted on August 15, 2015  |  1 minutes  |  145 words  |  David Mitchell

I’m still recovering from Vegas even a week later. So I’m just going to link a bunch of things you should check out and mention a few cool things that happened or that I saw. PowerShell Empire - written in my two favorite scripting languages, may replace Meterpreter someday. Modern Honeypot Network - build your own cloud based network of honeypots that feed results back into a centralized server. HoneyDrive - an okay honeypot VM image (if you for some reason want to run your honeypot in VirtualBox or VMWare) I also put together a DarkNet badge, walked until my knee gave out, attended a lot of events. [Read More]
hacking  security  infosec 

BSides Asheville 2015

 Posted on June 30, 2015  |  1 minutes  |  149 words  |  David Mitchell

Quick summary of a few cons I went to. I went to ISSA conference in Charlotte earlier with FALE, but more recently I went to BSides Asheville as a volunteer. I also participated in their CTF with some Cha-Ha members, and we came very close to winning, but placed second. Some friends and I camped out isntead of staying in a hotel, listened to bluegrass in a mountain bar and saw some talks, etc. [Read More]
hacking  security  infosec 

Defacement Page Design talk

 Posted on March 27, 2015  |  1 minutes  |  69 words  |  David Mitchell

My talk from CarolinaCon is up.

This is not a professional talk, by any means, it was a humorous one, at a hacker con, meant to be somewhat entertaining, delivered late at night. Some of the sites displayed contain profanity, etc. I use some profanity in the talk as well. People liked it, one person told me it was their favorite talk which shocked me. The slides are here.

hacking  funny 

Talk at CarolinaCon

 Posted on February 2, 2015  |  2 minutes  |  236 words  |  David Mitchell

I will be attending CarolinaCon again this year with FALE since we are run the LockPick Village. The big difference this year will be I am giving a talk as well. This will be my first talk at a conference of any kind. Unless something changes I’m scheduled Friday night(Mar 20th) at 10pm. Giving a talk at all was almost unexpected and only came about because they had extended the call for papers by a few days when not enough talks were received. [Read More]
hacking  security  infosec