Technical Blog


Introducing crs-trigger.py

This is a blog post about a new script, that will execute a request in order trigger an arbitrary Core Rule Set anomaly score. The OWASP ModSecurity Core Rule Set (short CRS) is a scoring rule set with individual rules working together to assess an incoming request and assigning it an anomaly score. An administrator […]


Adding empty HTTP headers via libcurl (pycurl)

When testing for the correct behavior of the OWASP ModSecurity Core Rule Set, a popular Web Application Firewall rule set, I needed to send empty Acccept- and User-Agent headers. This is relatively simple on the command line with curl: $> curl –header “User-Agent;” https://example.com Pulling this off with libcurl (pycurl in my case), was way […]


Announcing Cisco ACI APIC Support for Netdisco

If your organization uses both Netdisco and Cisco ACI, you might be interested in one of our latest Open Source projects: nd2-worker-plugin-aci. This extension uses the APIC REST API to integrate the fabric’s switch port to MAC address and MAC address to ARP entry mappings seamlessly into the Netdisco database. Licensed under the same liberal […]


auto-upgrade pip in Ansible role/task

Lets say you have an Ansible role in which you create a virtual-environment using Python 3.x: – name: Install python venv and requirements environment: http_proxy: http://proxy.domain.com:8080 https_proxy: http://proxy.domain.com:8080 HTTP_PROXY: http://proxy.domain.com:8080 HTTPS_PROXY: http://proxy.domain.com:8080 pip: extra_args: ‘–trusted-host pypi.python.org’ requirements: /path/to/requirements.txt virtualenv: /path/to/venv virtualenv_command: /opt/python-3.7.0/bin/python3.7 -m venv If your requirements.txt only contains the modules you really need for […]