"Khám phá CruxVault - Công cụ quản lý bí mật Git-like đầu tiên trên máy cục bộ!
- Mã hóa bí mật cục bộ
- Lưu trữ bí mật với kiểm soát phiên bản
- CLI giống Git (crux init, crux commit, crux status)
- Thẻ môi trường (dev/staging/prod)
Hoàn toàn ngoại tuyến, không phụ thuộc vào cloud!
#CruxVault #SecretManagement #LocalFirst #GitLike #DevTool #CôngCụLậpTrình #QuảnLýBíMật"
https://www.reddit.com/r/SideProject/comments/1oq7tgt/built_cruxvault_localfirst_gitlike_secret/
This is why you should not hard-code credentials in your source code, but use env. vars or credential managers.
Looks like someone sent me a mail via a python script. The script had an issue which let the mail content to be the script itself, which contains a token.
(Or this is phishing wanting me to try the token)
I released params2env, a Go based CLI tool I've built that reads AWS SSM Parameter Store values and sets them as environment variables.
The tool can create, modify, and delete parameters, and supports optional cross-region replication for redundancy.
Read more on my blog: https://dominik.wombacher.cc/posts/params2env-aws-ssm-parameter-store-to-environment-variables.html
#AWS #Go #GoLang #CLI #OpenSource #ParameterStore #DevOps #SecretManagement
OH: Moment, ich gibt dir die API-Keys aus dem Production Pod zum Testen.
For my homelab CoreOS config that I store publicly with git I've been wondering what to do about secrets. :blobfox3c:
For the containers at least I'm thinking
- Use Podman secrets when possible
- Script to setup the Podman secrets through bitwarden cli
Problem is, I will host Bitwarden on the host that will initially not have any secrets. Shouldn't be an issue as Bitwarden can manage without a secret, but still a limitation that needs to be solved separately. :blobfoxthink:
Don't really wanna store secrets through git but would like to have an offline solution if possible. Generating the secrets could be possible, at least for initial setup, but then I wanna be able to access the secrets easily too :blobfoxnotlikethis:
So much thinking
#coreos #containers #podman #gitops #security #secretmanagement
🚀🎉 Hold the presses! #OpenBao adds "Namespaces" to its secret manager, enabling isolated environments for your secrets. 🤔 Finally, a solution to the problem of "Where did I put my secrets again?" 😅 Thanks, OpenBao, for making secret management feel like a game of hide-and-seek with a twist! 🙄🔍
https://openbao.org/blog/namespaces-announcement/ #Namespaces #SecretManagement #IsolatedEnvironments #CyberSecurity #HackerNews #ngated
"The 18-point secrets management checklist"
https://www.hashicorp.com/en/blog/the-18-point-secrets-management-checklist
....aaaaaand #OpenBao (the fork of #Hashicorp #Vault) is on its way to @opensuse #Tumbleweed in the latest version 2.2.1. Since 2.2.0 the webui is included in OpenBao, so this can be a full replacement for Vault!
Looking forward to doing more testing with it!
In case you want to try it out, here is a #vagrant #libvirt setup using #Ansible to prepare an OpenBao server VM and a client using a secret.
https://codeberg.org/johanneskastl/openbao_vagrant_libvirt_ansible
GitHub is shaking up code security after 39 million secrets leaked—now every team can access standalone tools backed by AI and major cloud partners. Curious how this could reshape digital protection?
https://thedefendopsdiaries.com/githubs-security-tools-expansion-a-new-era-in-software-protection/
#githubsecurity
#softwareprotection
#secretmanagement
#cybersecuritytools
#infosec
Video Intro to Secret Management with PowerShell http://dlvr.it/TJF0J3 via PlanetPowerShell #PowerShell #SecretManagement #Microsoft #Automation
@nixos_org 🎉 took me 12 days to finally understand how this works & setup but I finally got a working secret management config! Check this out https://codeberg.org/dminca/nix-config/src/branch/main/secrets/example.yaml
#security #secretManagement #nix #nixDarwin #x86_64darwin #aarm64darwin
First @nixos_org challenge by the course of a month trying to get acquainted with #nix : secret management .
Seems there’s absolutely no ‘batteries-included’ way to have this implemented the proper way, instead people have to come up with their own ‘hacks’ so-to-speak to get something feasible working…
#nixos #nix #secretManagement #encryption #security #x86_64darwin #aarm64darwin
Wrote a blog post on AzCopy
Azure Blob Storage Sync with AzCopy
Learn to sync files with AzCopy & store credentials securely :
I just wrote a new blog post, Preventing Secrets in Code! #appsec #secrets #secretmanagement
https://shehackspurple.ca/2023/04/10/preventing-secrets-in-code/
I‘m happy to announce the publication of my #PowerShell template module for #SecretManagement Extensions on GitHub. It enables the fast creation of new SecretManagement Extensions, including many best practices and (most important) a ReadMe which describes all pitfalls I’ve fallen into and the tricks to avoid this. All learned the hard way creating SecretManagement.NetwrixPasswordSecure 😋. If only one new extension based on the template is created the work was worth it.
https://github.com/Callidus2000/SecretManagement.ExtensionTemplate
Is there an 'easy' way to call private #PowerShell functions from nested modules?
I've got my module A with the nested module B. Now I've got a function (f) which is needed/usable from both A&B but makes no sense as a public function. Currently I've made it available as public A\f and can access it from everywhere.
And the answer 'don't use nested modules' is sadly not acceptable as this is the design pattern for #SecretManagement extensions 😒
A few weeks ago I anounced tht I’m working on a #PowerShell extension of the #SecretManagement module for support of #Netwrix #PasswordSecure solution (formely known as #Mateso #PasswordSafe).
Today I’ve released v1.0.0 to the PowerShellGallery and to github. I’d appreciate any kind of feedback.
Special prerequisite of this extension: you need the .NET SDK DLLs which get provided by the vendor to enterprise customers.
https://github.com/Callidus2000/SecretManagement.NetwrixPasswordSecure
@AndrewPlaTech
My short time #PowerShell goals are:
1) Complete my #NetwrixPasswordSecure #SecretManagement module for public usage.
2) Spread some insights about how PS automation can save the day (internal company TechDay)
3) Use my Fortigate Manager module to clean up our internal firewalls
Lets try the poll feature of my new preferred social platform 😋
I’m currently developing a #Powershell #SecretManagement extension module for #Netwrix #PasswordSecure, formerly #Mateso #PasswordSafe. If released to the gallery the user would have to provide/side load DLLs which are only available for Enterprise customers.
Would such a module be of interest? Otherwise it will stay in-house.
@DoctorDNS not a dll just a script based Powershell Module.
Got 3 Workarounds now, mixing them gets me up and running:
1. Test the code directly without #SecretManagement
2. Using the RestartableSession module (my fav)
3. Use the rss command from PSModuleDevelopment
