venus/blog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: venus:combine-docker
Branches Tags
venus:master venus:main venus:dev venus:integrate-build venus:combine-docker venus:fix-docker
..
compare: venus:master
Branches Tags
venus:master venus:main venus:dev venus:integrate-build venus:combine-docker venus:fix-docker

28 Commits
combine-do ... master

Author SHA1 Message Date
venus
c03c37f691 live pull works!! 2026-03-05 02:03:16 -06:00
venus
c4634c0a0c set update to post again 2026-03-05 01:56:19 -06:00
venus
35cd103751 set update to post only 2026-03-05 01:53:19 -06:00
venus
eddd70c701 fixed live webhook update 2026-03-05 01:50:07 -06:00
venus
4d1eae0b25 fixed live pull issue 2026-03-05 01:46:02 -06:00
venus
e8a0831809 fixed rebase issue 2026-03-05 01:33:06 -06:00
venus
5ed4acf7bf updated compose 2026-03-05 01:28:39 -06:00
venus
4e35dabde7 ignoring compose now 2026-03-05 01:26:40 -06:00
venus
f6f192da26 basic webhook tested 2026-03-05 01:24:40 -06:00
venus
ebb6aa0f56 basic webhook 2026-03-05 01:21:13 -06:00
venus
cf6fc0da33 started webhook 2026-03-05 01:17:38 -06:00
venus
427c3b6427 public notes work now 2026-03-05 00:02:39 -06:00
venus
13d7676ff4 fixed names and function defs 2026-03-04 23:51:07 -06:00
venus
e9b1a95b9a improved readability again 2026-03-04 23:33:00 -06:00
venus
48d27184be improved readability 2026-03-04 23:32:08 -06:00
venus
c41f3a0286 implemented public vault initialization 2026-03-04 23:22:54 -06:00
venus
d6a1d30747 addded todo comment 2026-03-04 23:12:40 -06:00
venus
35f0edbc83 updated gitignore and build.py works to update vault 2026-03-04 23:10:09 -06:00
venus
f22fb410ab updated compose 2026-03-04 19:47:56 -06:00
venus
58e972e65f vault clones from env vars in compose 2026-03-04 19:46:37 -06:00
venus
bacbd48d30 added gitignore again 2026-03-04 18:03:05 -06:00
venus
62dcfab912 updated to render md from content dir 2026-03-04 18:00:42 -06:00
venus
6c6cccae49 added repo key 2026-03-04 16:37:17 -06:00
venus
7612837e82 updated .env 2026-03-04 16:32:39 -06:00
venus
fdbced9192 updated dockerfile and flask app name 2026-03-04 16:29:41 -06:00
venus
99a0df522e moved dockerfile 2026-03-04 16:27:53 -06:00
venus
1b177e3d86 removed some folders 2026-03-04 16:27:30 -06:00
venus
d3c8d6e544 docker works 2026-03-04 16:23:43 -06:00
17 changed files with 828 additions and 73 deletions
Expand all files Collapse all files

28
' Normal file
View File

@@ -0,0 +1,28 @@
from flask import Flask
from app import build
from pathlib import Path
import markdown
import os
from dotenv import load_dotenv
app = Flask(__name__)
PRIVATE_VAULT_DIR = Path("/vault")
PUBLIC_VAULT_DIR = "/content"
build.obsidian_vault(PRIVATE_VAULT_DIR) # initialize the private obsidian repo
build.public_vault(PRIVATE_VAULT_DIR, PUBLIC_VAULT_DIR) # initialize the public notes from the private repo
@app.route("/")
def index():
md_content = "# Welcome to my blog!\nThis is rendered from **Markdown**.\n##[test](http://localhost/test)"
html_content = markdown.markdown(md_content)
return html_content
@app.route("/api/vault-update") #webhook for vault updated
def update_vault():
# TODO SECURE THIS WITH SECRETTTTT or auth header
print(build.public_vault(PRIVATE_VAULT_DIR, PUBLIC_VAULT_DIR))# initialize the public notes from the private repo
return "vault-rebuilt"
@app.route ("/<filename>") # renders a filename if not otherwise specified
def render_post(filename):
return build.html_file(filename, PUBLIC_VAULT_DIR)

3
.env
View File

@@ -1,2 +1,5 @@
obsidian_vault=/home/venus/Documents/Personal-Wiki obsidian_vault=/home/venus/Documents/Personal-Wiki
obsidian_vault_url=git.riverrooks.dev/Personal-Wiki
OBSIDIAN_VAULT_URL=git.riverrooks.dev/Personal-Wiki
obsidian_vault_token=bd8cd9301ae2c1c5bacfb3340492acb5e862686a

2
.gitignore vendored
View File

@@ -1 +1,3 @@
app/__pychache__ app/__pychache__
public-vault
compose.yml

24
Dockerfile
View File

@@ -1,15 +1,29 @@
FROM python:3.14-slim FROM python:3.14-slim
ARG DEBUG_MODE=0 #install git
ENV FLASK_DEBUG=$DEBUG_MODE RUN apt-get update && apt-get install -y \
ENV FLASK_APP=app git \
&& rm -rf /var/lib/apt/lists/*
#install dependencies
RUN mkdir /app RUN mkdir /app
COPY app/requirements.txt /app COPY app/requirements.txt /app
RUN pip3 install -r /app/requirements.txt RUN pip3 install -r /app/requirements.txt
#parse from .env file
ARG DEBUG_MODE=0
ARG obsidian_vault=/home/venus/Documents/Personal-Wiki
ARG OBSIDIAN_VAULT_URL=git.riverrooks.dev/venus/Personal-Wiki
ARG obsidian_vault_token=bd8cd9301ae2c1c5bacfb3340492acb5e862686a
ENV FLASK_DEBUG=$DEBUG_MODE
ENV FLASK_APP=app
# ENV OBSIDIAN_VAULT=$obsidian_vault
ENV OBSIDIAN_VAULT_URL=$OBSIDIAN_VAULT_URL
ENV OBSIDIAN_VAULT_TOKEN=$obsidian_vault_token
COPY app /app COPY app /app
ENTRYPOINT ["flask"] ENTRYPOINT ["flask"]
CMD ["--app", "app", "run", "--host=0.0.0.0", "--port=80"] CMD ["run", "--host=0.0.0.0", "--port=80"]

42
app/__init__.py
View File

@@ -1,35 +1,29 @@
from flask import Flask from flask import Flask
import markdown from app import build
from pathlib import Path from pathlib import Path
import markdown
import os
from dotenv import load_dotenv
app = Flask(__name__) app = Flask(__name__)
CONTENT_DIR = Path(__file__).parent.parent / "content" PRIVATE_VAULT_DIR = Path("/vault")
PUBLIC_VAULT_DIR = "/content"
@app.route("/hello") build.obsidian_vault(PRIVATE_VAULT_DIR) # initialize the private obsidian repo
def hello_world(): build.public_vault(PRIVATE_VAULT_DIR, PUBLIC_VAULT_DIR) # initialize the public notes from the private repo
return "<h1>Hello, World!</h1>"
@app.route("/") @app.route("/")
def index(): def index():
# Write your markdown content md_content = "# Welcome to my blog!\nThis is rendered from **Markdown**.\n##[test](http://localhost/test)"
md_content = "# Welcome to my blog!\nThis is rendered from **Markdown**."
# Convert it to HTML
html_content = markdown.markdown(md_content) html_content = markdown.markdown(md_content)
return html_content return html_content
@app.route("/api/vault-update", methods=['POST', 'GET']) #webhook for vault updated
@app.route ("/post/<filename>") def update_vault():
def render_markdown_file(filename): # TODO SECURE THIS WITH SECRETTTTT or auth header
filePath = CONTENT_DIR / f"{filename}.md" build.obsidian_vault(PRIVATE_VAULT_DIR) # initialize the private obsidian repo
# 3. Protect against missing files build.public_vault(PRIVATE_VAULT_DIR, PUBLIC_VAULT_DIR)# initialize the public notes from the private repo
if not filePath.is_file(): return "vault-rebuilt"
return f"<h1>404</h1><p>Could not find {filename}.md in {filePath}</p>", 404 @app.route ("/<filename>") # renders a filename if not otherwise specified
# else: def render_post(filename):
# return f"<h1> found</h1> <p> found {filename} in {filePath}</p>" return build.html_file(filename, PUBLIC_VAULT_DIR)
# 4. Open, read, and convert the file
with open(filePath, "r", encoding="utf-8") as f:
textContent = f.read()
htmlContent = markdown.markdown(textContent)
return htmlContent

61
app/build.py
View File

@@ -1,26 +1,61 @@
from obsidian_parser import Vault from obsidian_parser import Vault
import shutil import shutil
import markdown
from pathlib import Path
import os
def html_file(filename, contentPath): #renders markwown from filename
filePath = Path(f"{contentPath}/{filename}.md")
# 3. Protect against missing files
if not filePath.is_file():
return f"<h1>404</h1><p>Could not find {filename}.md in {filePath}</p>", 404
# open the file for reading
with open(filePath, "r", encoding="utf-8") as f:
textContent = f.read()
# convert it to markdown
htmlContent = markdown.markdown(textContent)
return htmlContent
def obsidian_vault(dest = "/vault"): # makes sure there is a vault in dest
from git import Repo from git import Repo
url = os.getenv("OBSIDIAN_VAULT_URL")
token = os.getenv("OBSIDIAN_VAULT_TOKEN")
if not(token):
print ("token not found, cant build vault")
raise NameError("tokenNotFound")
return 0
url = f"https://{token}@{url}"
if os.path.exists(os.path.join(dest, '.git')):
#TODO handle merge conflictsjjj
print (f"pulling vault from {url} in {dest}")
repo = Repo(dest)
origin = repo.remotes.origin
origin.fetch()
origin.pull(strategy_option='theirs')
print ("vault updated")
return 1
def clone_secure_repo(url: str, token: str = "", dest: str): # clone a gittea repo using optional security token into dest dirand return a path to the directory print (f"building vault from {url} in {dest}")
return dest Repo.clone_from(url, dest)
print("cloned vault!")
return 1
def public_notes(src: str): # return a list of notes tagged with public from an obsidian directory def public_vault(privateVault = "/vault", dest = "/content"): # build the public vault in dest from an obsidian repo in src
# build vault from source vault = Vault(privateVault)
vault = Vault(src) if not(vault):
if vault:
print ("found vault")
else:
print("could not find vault") print("could not find vault")
return [] raise NameError("vaultNotFound")
return 0
# return a list ofnotes print(f"valid vault{vault}")
return vault.get_notes_with_tag("public")
publicNotes = vault.get_notes_with_tag("public")
def buld_public_vault(src: str, dest: str): # build the public vault in dest from an obsidian repo in src print(f"publicNotes: {publicNotes}")
for note in public_notes(src): for note in publicNotes:
print(note.title) print(note.title)
shutil.copy2(f"{note.path}", dest) shutil.copy2(f"{note.path}", dest)

1
app/requirements.txt
View File

@@ -2,3 +2,4 @@ flask
markdown markdown
obsidianmd-parser obsidianmd-parser
GitPython GitPython
python-dotenv

8
compose.yml
View File

@@ -3,7 +3,11 @@ services:
build: build:
args: args:
- DEBUG_MODE=1 - DEBUG_MODE=1
- obsidian_vault_url=https://git.riverrooks.dev/Personal-Wiki
- obsidian_vault_token=bd8cd9301ae2c1c5bacfb3340492acb5e862686a
ports: ports:
- '80:80' - '8188:80'
volumes: volumes:
- ./content:/content - ./content:/content #public
- ./public-vault:/vault #private

75
content/Cyber-Crime.md Normal file
View File

@@ -0,0 +1,75 @@
#public
- **Cyber Crime**: Use computer/digital device to further illegal ends
> "nothings black and white in what we do, everything's got some gray"
## Types of crime
- **Crimes Against People**: A digital crime where the victim is a person
- **Crimes Against Property**: A digital crime that damages, or illegally interacts with property
- **Crimes Against Government**: A digital crime to undermine the efficacy of a government
> Life is not Black and White, Consider what the greatest impact is
| Crime | category |
| --- | --- |
| Harrassement | People |
| Stalking | People |
| Credit Card fraud | People |
| Id theft | People |
| DOS attack | Property |
| Hacking | Property |
| Vandalism | Property |
| Cyber Warfare | Government|
| Cyber Terrorism | Government|
> Online Harassment is a growing field, stalking, bullying, doxing, etc.
> Modern wars be started with infrastructure hacks, Power grid hacks of Ukraine, Iran, Etc.
### Cyber-stalking and bullying
- **Cyber Bulling**: People attacking reputation and self esteem of other people trough online means like social media campaigns.
- **Cyber Stalking**: Stalking someone through their online footprint. Often to find information with which to exploit the victim.
> Typically older person stalking a younger person. As opposed to bullying, which is usually across the same age
### Cyber Terrorism
- **Cyber Terrorism**: Politically motivated attacks on major infrastructure Money can be a factor, but usually the political is the primary motivation
- Instill fear in a society to elicit some reaction
- financial/reputation gain
- revenge
- etc.
## Examples
Stux-Net
Nation-state attacks on power grids before Wars
- **Sneaker Net**: Moving information across barriers physicality
> proving an attack is one of the hardest questions to answer
# U.S. National cyber strategy
- **U.S. National cyber strategy**: anually updated policy document from the white house detailing the national cyber objectives
> it has been similar last few years
- promote American people
- promoting American prosperity
- preserve peace through strength
- deterrent
- advanced American cyber influence
- strong alliances
- promote international policies
- Shaping adversary behavior
- regulatory environment
- Federal government security
- criticial infrastructure security
- cyber skills workforce gap

79
content/Homework.md Normal file
View File

@@ -0,0 +1,79 @@
#public
# Homework
Questions (P7.)
1. a
1. A. True
2. B. Order does not matter in sets
2. MISSISSIPPI
3.
1. $\subseteq$
2. $\in$
3. $\subseteq$
4. $\in$
5. $\in$ x wrong $\emptyset$ is a $\subseteq$ of all sets
6. $\subseteq$
4. 9.
1. a) $\{S_4, S_5, S_9\}$
2. b) **??**
3. c) quadrillion
4. d)
1. F
2. T (if order does not matter)
3. T
4. F
5. T
6. T
7. F
8. F
9. F
10. T
11. F
12. F
13. T
14. F
15. T
16. T
5. 10.
1. $D_1=\{1\}, D_2=\{1,2\}, D_{10}=\{1,2,5\}$
2. b)
1. T
2. F
3. T
4. T
5. T?
6. F
7. T
8. F
9. F
10. F
11. F
12. T
3. c) $|D_{10}|=3$, $|D_{19}|=2$
4. D) $|\mathcal{D}|=9$
| Questions | Answer |
| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------- |
| 1. <br> 1. (a) True or false? {red, white, blue} = {white, blue, red}. <br> 2. (b) What is wrong with this statement: Red is the first element of the set {red, white, blue}? | a. True<br>b. Order does not matter in sets |
| 2. Which has the larger cardinality? The set of letters in the word MISSISSIPPI or the set of letters in the word FLORIDA ? | MISSIPPI |
| 3. Fill in the blank with the appropriate symbol, ∈ or ⊆. <br> 1. (a) {1, 2, 3} {1, 2, 3, 4} <br> 2. (b) 3 {1, 2, 3, 4} <br> 3. (c) {3} {1, 2, 3, 4} <br> 4. (d) {𝑎} {{𝑎}, {𝑏}, {𝑎, 𝑏}} <br> 5. (e) ∅ {{𝑎}, {𝑏}, {𝑎, 𝑏}} <br> 6. (f) {{𝑎}, {𝑏}} {{𝑎}, {𝑏}, {𝑎, 𝑏}} | |
| 9. Let 𝑆1 = {𝑜, 𝑛, 𝑒}, 𝑆2 = {𝑡, 𝑤, 𝑜}, 𝑆3 = {𝑡, , 𝑟, 𝑒, 𝑒}, and so on. <br> 1. (a) Find all 𝑘 ∈ {1, 2, . . . , 10} with \|𝑆𝑘\| = 4. <br> 2. (b) Find distinct indices 𝑗, 𝑘 with 𝑆𝑗 = 𝑆𝑘. <br> 3. (c) Find the smallest value of 𝑘 with 𝑎𝑆𝑘. <br> 4. (d) Let 𝒮 = {𝑆𝑘}40 𝑘=1. Determine whether the following statements are true or false. <br> 1. (i) 𝑆13 = {𝑛, 𝑒, 𝑖, 𝑡, , 𝑒, 𝑟} <br> 2. (ii) {𝑛, 𝑒, 𝑡} ⊆ 𝑆20 <br> 3. (iii) 𝑆1 ∈ 𝒮 <br> 4. (iv) 𝑆3 ⊆ 𝒮 <br> 5. (v) ∅ ∈ 𝒮 <br> 6. (vi) ∅ ⊂ 𝒮 <br> 7. (vii) ∅ ⊆ 𝒮 <br> 8. (viii) 𝑆1 ⊆ 𝑆11 <br> 9. (ix) 𝑆1 ⊆ 𝑆21 <br> 10. (x) 𝑆1 ⊂ 𝑆21<br> 11. (xi) {𝑛, 𝑖, 𝑒} ∈ 𝒮 <br> 12. (xii) {{𝑓, 𝑜, 𝑢, 𝑟}} ⊆ 𝒮 <br> 13. (xiii) 𝑢𝑆40 <br> 14. (xiv) 𝒫(𝑆9) ⊆ 𝒫(𝑆19) <br> 15. (xv) {𝑠, 𝑖} ∈ 𝒫(𝑆6) <br> 16. (xvi) 𝑤𝒫(𝑆2) | |
| 10. For 𝑘 ∈ {1, 2, . . . , 20}, let 𝐷𝑘 = {𝑥 𝑥 is a prime number which divides 𝑘} and let 𝒟 = {𝐷𝑘 𝑘 ∈ {1, 2, . . . , 20}}.<br> 1. (a) Find 𝐷1, 𝐷2, 𝐷10, and 𝐷20. <br> 2. (b) True or False: <br> 1. (i) 𝐷2 ⊂ 𝐷10 <br> 2. (ii) 𝐷7 ⊆ 𝐷10 <br> 3. (iii) 𝐷10 ⊂ 𝐷20 <br> 4. (iv) ∅ ∈ 𝒟 <br> 5. (v) ∅ ⊂ 𝒟 <br> 6. (vi) 5 ∈ 𝒟 <br> 7. (vii) {5} ∈ 𝒟 <br> 8. (viii) {4, 5} ∈ 𝒟 <br> 9. (ix) {{3}} ⊆ 𝒟 <br> 10. (x) 𝒫(𝐷9) ⊆ 𝒫(𝐷6) <br> 11. (xi) 𝒫({3, 4}) ⊆ 𝒟 <br> 12. (xii) {2, 3} ∈ 𝒫(𝐷12) <br> 3. (c) Find \|𝐷10\| and \|𝐷19\|. <br> 4. (d) Find \|𝒟\| | |
# Unit 1
## Krish Hw 2
1. A = {1, 2, 3}, B = {2, 3, 4} and C = {1, 2, 4}. List the elements of the specified set
1. (a) A ∩ B; | {2,3}
2. (b) A B; | {1,2,3,4}
3. (c) C\A; | {1}
4. (d) A (B ∩ C); | {2,1,3}
5. (e) (A ∩ C) (B ∩ C); | {1,2,4}
6. (f) A × B; | {(1,2),(1,3),(1,4),(2,3),(2,2),(2,4),(3,2),(3,3),(3,4)}
7. (g) B × A; | {(2,1),(2,2),(2,3),(3,1),(3,2),(3,3),(4,1),(4,2) ,(4,3)}
8. (h) (A × B) ∩ (B × A). | {(2,2),(3,3)}
2. $M_2$ = {2, 4, 6, 8, 10, · · · } and $M_3$ = {3, 6, 9, 12, 15, · · · }. Find:
1. (a) $M_2$ ∩ $M_3$;
1. $M_6$
2. (b) $M_3 \backslash M_2$
1. $\{x|x=6k-3 \space\forall\space k \in\mathbb{N}\}$

296
content/Malware.md Normal file
View File

@@ -0,0 +1,296 @@
#public
# Malware/malicious software
- **Malware**: software written with intent to do HARM
```mermaid
flowchart TD
A[Data] <---> B[People]
A <---> C[Devices]
B <---> C
```
> Greatest Vulnerability is People
## Malware types
- **virus:** program to modify other programs
- **Worm**: program that spreads itself
> diff b/t virus and worm is method of movement
- **Trojan**: an innocent program that hides malware inside
- **Ransomware**: require payment to remove (often in exchange for decryption key)
- **Phishing**: Faking identity in order to build trust to encourage specific user behavior
- **DOS/DDOS**: (distributed) denial of service to overwhelm services and prevent legitimate activity from getting through
# Threat Actors
| Group | Motivations |
| ---------------- | -------------------------------------------------------- |
| Nation States | Intelligence Infrastructure |
| Groups of people | Intimidate, org-goals |
| Individuals | ego, \$\$\$, etc |
| Insider Threats | Those inside of an organization who abuse trusted access |
>Insider Threats are the Greatest challenge in cyber-sec
> There is an upward trend in the amount of malware and damage done in USD. 5 month avg for identifying breaches
# CIA TRIAD
```mermaid
flowchart TD
A[Confidentiality] <---> B[Integrity]
A <---> C[Accessibility]
B <---> C
````
True security manages all 3, our job is to find the right balance
## CONFIDENTIALITY
Ensuring that only authorized users can access data
### 3 Types of confidentiality
| type | definition | exampe | |
| --------------- | -------------------------------------------------------------------------- | ------------------------- | --- |
| Confidentiality | limiting access to information including the existence of such information | "What conversation" | |
| Privacy | Limit the information shared | Not giving away PII | |
| Secrecy | Data not to be shared beyond small circle | Restricting access to PII | |
- **PII**: personally identifiable information
## INTEGRITY
Ensure data and system resources are trustworthy
Trustworthy: known author, not maliciously modified
| Catagory | definition |
| --- | --- |
| Data integrity | Data has not been modified or overwritten |
| Origin Integrity | maintaining the authorship and chain of editors |
| System integrity | overall design of processes that work with data |
> While confidentiality is often considered the "Traditional" focus of security, Integrity can be considred just as important
## AVAILABILITY
Authorized users can access data and systems when needed.
Confilicts directly with Confidentiality, this balance is our job.
DDOS/DOS attacks affect availibility.
> "If one person can have access, many have access"
# What is security?
> Just fire-walling/encrypting your system $\neq$ security
**Security is a systems issue**, good security is a heuristic endeavor encompassing the following questions:
1. What are we protecting?
2. What can go wrong?
3. What are we going to do about it?
4. Did we do a good job?
You need to deal with policy and procedure. E.G. talking to non-tech savvy people or encouraging more scrutiny of strange emails
- **Forensics:** determine what was done when
```mermaid
mindmap
id))system((
id(Hardware(
id(Software(
id)networking(
```
# The Five As
| [[Malware#Authentication]] | Verification of a user's Identity | static password |
| ------------------------ | -------------------------------------------- | ------------------------- |
| Access control | control who is allowed access to something | ACT card |
| [[Malware#Accounting]] | keeping track of activity | logs of command history |
| [[Malware#Auditing]] | checking for suspicious behavior or failures | log analysis |
| Action | taking action on a threat | changing a users password |
## Authentication
> How do we know who you say you are? j do we know you're authorized?
### 3 mechanism of authentication:
| something you **know** | Static username and passwd |
| ---------------------- | -------------------------------------------------------------------- |
| something you **have** | one time password (OTP) --> usually **2nd device** as authentication |
| something you **are** | Biometric credential |
## Accounting
- cant have $\infty$ storage, so what do you keep?
## Auditing
You need to know your system is compromised if you're taksed to protect it.
"Did something happen?"
This is looking at logs created and making policies to take action of some kind
you also need to determine the action to take
# measures and countermeasures
| prevention | measures to **stop breaches** | Gaurd at the gate, strong authentication policy | |
| ---------- | --------------------------------- | ----------------------------------------------- | --- |
| detection | measures to **detect breaches** | beggining, ongoing, or afterwords | |
| Reaction | measures to **recover of assets** | Rebuild, Repair, Pursue | |
```mermaid
flowchart TB
id1[Passwords are easy to guess] --> id2[Password policies] --> id3[Users write down passwds] --> id4[etc]
```
# Insider threats
- **Threat**: An event of condition that has the potential to cause loss or undesirable consequences
- **Insider Threat**: threat caused by someone inside of the organization
- Disgruntled employee
- Careless employee
| |IT sabatoge| Theft of IP | Fraud | Espionage |
| --- | --- | --- | --- | --- |
| WHO | techinal/priveleged access | scientists, programmers, engineers, sales | fincacial pros, low/mid developers, customer service | anybody |
| WHEN | on/before termination | ~60 days b4 leaving | Long period of time | long period of time |
| WHY | revenge | new job, start company | Greed, financial need | dissatisfaction, greed, financial need |
## Identifying Insider Threats:
- Who has the most access?
> Don't assume sysadmin is the villan, just be aware of their access level
- become the insider. "Think like the attacker"
- most employees dont join to become insiders
## Lifecycle of an insider
1. Recruitment/tipping point
2. Search/Reconnisance
3. Acquisition/collection
4. Exfiltration/Action
# Threat Modeling
> The equifax breach exploited a known vulnerability that equifax didn't patch for months. $1.4 Billion in damages
## The fundamental security problem
There are more attacks than can be reasonably stopped with limited time/money
## Why threat model
- Proactive vs Reactive
- Prioritization
- Systematic approach
- Find problem's you'd otherwise miss
- Legal compliance
## The cost of a vulnerability
![[Diagram 2.svg]]
## What is threat modeling?
A structured process to identify, quantify, and address security risks in a system or process
## Key Questions
1. What are we protecting
2. What can go wrong
3. What are we going to do about it
4. did we do a good job
## Steps
### 1. define scopes and assets
### 2. Create architecture diagram
- Data flow
- Network diagram
- Component diagram
- Trust breakdown diagram
### 3. Identify threats
| S | spoofing Identity |
| --- | --- |
| T | Tampering with data |
| R | Repudation |
| I | Information disclosure |
| D | Denial of servie |
| E | Escalation of privelege |
> [[Malware#CIA Triad]]
### 4. Rank and prioritize threats
#### DREAD
on a scale of 1 - 10
Risk = (D+R+E+A+D)/5
| D | Damage potential |
| --- | --- |
| R | Reproducability |
| E | Exploitability |
| A | Affected Users |
| D | Discoverability |
Ex: Mybama SQLI
| D | 10 |
| --- | --- |
| R | 10 |
| E | 7 |
| A | 10 |
| D | 8 |
R 9 = (10 + 10 + 7 + 10 + 8) / 5
9 is a **Critical threat**
#### Impact/likelyhood table
| likelyhood | low | med | high |
| ---------- | --- | --- | ---- |
| low | 1 | 2 | 3 |
| med | 2 | 4 | 6 |
| high | 3 | 6 | 9 |
| < 3 | < 6 | 9 |
| --- | --- |---|
| low, fix when possible | Vulnerable. Fix ASAP | HUGE PROBLEM |
### 5. Determine Mitigation
1. **Eliminate**: remove the vuln --> unused admin page
2. **Mitigate**: Reduce likelihood of attack --> Sanitize SQL inputs
3. **Transfer**: Move to somewhere else --> send it to your SSO
4. **Accept**: It's good enough --> password logins (using microsoft)
## Why it works:
1. Systematic, not random
2. Visual
3. Collaborative
4. Proactive
5. Prioritized
6. Documented
# Encryption
## Symmetric V. Asymmetric
- **Symmetric encryption**: Uses a single key
- **Asymmetric encryption**: Uses two keys
```mermaid
stateDiagram-v2
state symmetric{
plaintext
}
state asymmetric{
text
key
}
text --> encryption
key --> encryption
encryption --> cyphertext
plaintext --> encryption
cyphertext --> decryption
decryption --> Plaintext
```
### Asymmetric key encryption
> Asymmetric has 2 keys and is more computationally expensive
takes 2 keys, and runs the encryption algo on the combined input
1 is the private key, one is the public
how do you securely send the keys?
### Symmetric key encryption
Cheaper, older and more common
> Block cipher
- **DES**: Data Encryption Standard
- Oldest standard
- originally labbeled by NIST
- **AES**: Advanced Encryption Standard
- updated DES, more computationally signifigant for modern computing
- **3DES**: 3 Data Encryption Standard
- does DES 3 times
- **TLS**: Transport Layer security
- for high level web traffic
- **SSL**: Secure Socket layer
- for secure communication between machine
## Feistel block cipher
Takes initial input, splits in half, encrypts left half, and switches. Repeats
The key is used in encryption through a reversable algorithm.
![[Pasted image 20260217083518.png]]
## Diffie Heiman Key exchange
Symmetric means you have to pass around the key,
Asymmetric is computationally expensive
Diffie-Heiman is a solution
1. Publish your public key
2. Send hash function with any work you then publish
3. Your public key can be used to verify integrety of any published work
3a. verifying file downloads
3b. git commits
You can aslo force 1-way encryption with a block cipher so:
data --> hash
but not:
hash --> data
any slight change of input, dramatically changes output (Avalance effect)
> since encryption methods take any size and hash it to a fixed size, collisions are possible. Furthermore, Collisions are going to be vastly different inputs
## Hash functions
- Md5
- Sha1
- Sha3
- Sha256
- RSA

2
content/Public test 2.md Normal file
View File

@@ -0,0 +1,2 @@
if this is there, the site live updates from wh
#public

157
content/Unit 1 Sets and Logic.md Normal file
View File

@@ -0,0 +1,157 @@
---
tags:
- Math-301
- Math
- School
- notes
- Spring-25
- public
Slides: "[[Wed 1-7.pdf]]"
Topic: Sets and Logic
Unit: 1.1 - 1.6
---
# 1.1 Basic definitions
A set is a collection of objects. The objects in a set are called its elements or members.
> Let A={a,b,c}.
> $a\in A$ -- means *a* is an element of *A*
> $d \notin A$ -- means *d* is not an element of *A*
**Def**. the [[Cardinality]] of a finite set `S`, demoted `|S|`. is the number of elements in `S`.
In the example, `|A| = 3`.
### Notation for some sets of numbers
> Natural numbers: $\mathbb{N}$ = {1,2,3,...}
> Whole Numbers: $\mathbb{W}$ = {0,1,2,3,...}
> The set of integers: $\mathbb{Z}$ = {...-3,-2,-1,0,1,2,3,} = {0,1,-1,2,-2,3,-3...}
> Rational Numbers: $\mathbb{Q}$ = $\{\frac{a}{b}\vert a,b\in\mathbb{Z},b\neq0\}$
> Set of real numbers: $\mathbb{R}$
---
## 2 subsets
- Let *A* and *B* be sets. We say that *B* is a [[subset]] of *A*, if every element of *B* is also an element of *A*, denoted $B\subseteq A$
- Two sets are [[equal]], denoted $A = B$, if $A\subseteq B$ and $B\subseteq A$
>Ex. Let *A* = $\{x\vert x\in\mathbb{Z}\hspace{7px}and\hspace{7px}0\lt x\lt6\}$.
>We see that $A=\{1,2,3,4,5\}$.
>Note: $1\in A, 4\in A$, but $6\notin A$.
>$\{1,3,5\}\subseteq A,\{2\}\subseteq A$, but $\{2\}\notin A$
>{2,4,6}$\subsetneq A$ since $6 \notin A$
>|A| = 5.
>Ex. $\mathbb{N}\subseteq \mathbb{W} \subseteq \mathbb{Z} \subseteq \mathbb{Q} \subseteq \mathbb{R}$
[[Proper subset]]: $B\subset A$ if $B\subseteq A$ and $B\neq A$
### Intervals of $\mathbb{R}$
> (a,b) = {x$\in \mathbb{R}$ | a < x < b}, where $-\infty\le a \le b \le\infty$
> \[a,b] = {x$\in \mathbb{R}$ | a $\le$ x $\le$ b}, where $-\infty\lt a \le b \lt\infty$
> \[a,b) = \{x$\in \mathbb{R}$ | a $\le$ x < b}, where $-\infty\lt a \lt b \le\infty$
> \(a,b] = \{x$\in \mathbb{R}$ | a $\lt$ x $\le$ b}, where $-\infty\le a \lt b \lt\infty$
## 3. Collections of Sets
The elements of a set may themselves be sets, and so is is a collections of sets
> Ex. $\mathcal{C}$ = { {1}, {1, 2}, {1, 2, 3} }. Note that
> {1} $\in \mathcal{C}$, {1,2} $\notin\mathcal{C}$, {1,2,3} $\in\mathcal{C}$ **??**
> {1} $\subsetneq\mathcal{C}$ since $1\notin\mathcal{C}$
> {{1}, {1,2}} $\subseteq\mathcal{C}$
> {{1}, {1,2}} $\notin\mathcal{C}$.
### Indexed Collection of Sets
Let `I` be a set. Suppose $S_i$ is a set for each `i` $\in$ `I`.
Then we say that $\{S_i\}_{i\in I}$ = $\{S_i|i\in I\}$ Is called a [[collection of sets indexed]] by `I`.
> Ex. Let $S_n$ = (n-1, n) for each $n\in\mathbb{N}$. Then
> $\{S_n\}_{n=1}^{3}$ = {$S_1,S_2,S_3$} = $\{(0,1), (1,2), (2,3)\}$
> $\{S_n\}_{n\in\mathbb{N}}$ = $\{(0,1), (1,2), (2,3),...\}$
## 4. The Empty Set
Let `E` be a set with no elements. Then for any Set `A`, we have `E`$\subseteq$`A` [[(Vacuously True)]].
If `E'` is another set with no elements, then `E`$\subseteq$`E'` `E'`$\subseteq$`E`
So `E`=`E'` Therefore, there is a unique set with no elements. We call it the [[empty set]], denoted by $\emptyset$ = {}.
**Property: For every set `A`, $\emptyset\subseteq$`A`.**
## 5. The Power Set of a Set
the [[power set]] of a set `S` is the collection of all subsets of `S` and is denoted $\wp(S)$.
> $\wp(S) = \{A | A \subseteq S\}$.
>Ex. Let $A$ = $\{a,b,c\}$. Then
>$\wp(A)\{\emptyset\,\{a\},\{b\},\{c\},\{a,b\},\{a,c\},\{b,c\},\{a,b,c\}\}$
>Note: |$\wp(A)$ = 8 = $2^3$ = $2^{|A|}$.
## 6. Summarizing example
Consider the set:
> $S = \{1,2,\emptyset,\{a,b\}\}$. Then
> $2\in S, 2\subsetneq S$
> ${2}\notin S, 2\subseteq S$
> > $\emptyset, 2\subsetneq S$
# 1.2 Set Operations
## 1 Intersections and Unions
>Let `A` and `B` be sets. The [[Intersection]] of `A` and `B` is the set.
>$A\cap B$ {X | x $\in$ A and x $\in$ B}
>![[Pasted image 20260114205835.png]]
The [[Union]] of `A` and `B` is the set
> $A \cup B$ = {x | $\in$ a A or x $\in$ B } ## "Or" is the "Inclusive or"
> ![[Pasted image 20260114210548.png]]
> Ex. Let `A`={0,2,4,6,8}, `B`={0,3,6,9}, and C={1,2,3,4,5,6,8,9}. Then
> (a) $A\cap B$ = {0,6}
> (b) $A\cup B = \{0,2,4,6,8,3,9\}=\{0,2,3,4,6,8,9\}$
> (c) $B\cap C$ = {3}
> (d) $A\cup(B\cap C) = \{0,2,3,4,6,8\}$
> (e) $(A\cup B)\cap C = \{2,3,4\}$
> Note: $A\cup(B\cap C)\neq(A\cup B)\cap C$
**Def. We say that two sets A and B and [[disjoint]] if $A\cap B=\emptyset$**
![[Pasted image 20260115174934.png]]
> **Theorem. Let `A` and `B` be finite sets.**
> (a) $|A\cup B|=|A|+|B|-|A\cup B|$
> ![[Pasted image 20260115175142.png]]
> (b) if `A` and `B` and disjoint then $|A\cup B| = |A| + |B|$
> ![[Pasted image 20260115175132.png]]
> (c) If $A\subseteq B, then |A|\leq|B|$
## 2 Arbitrary Collections
Let $\mathcal{C}=\{S_i|i\in I\}$ be a collection of sets indexed by a set `I` (Assume $I\neq0$.) Then the [[Intersection]] of $\mathcal{C}$ is defined as
> $\cap\mathcal{C}=\cap_{i\in I} S_i=\{x|x\in S_i$ for all $i\in I\}$.
The [[Union]] of the collection $\mathcal{C}$ is the set
>$\cup\mathcal{C}=$ $\cup_{i\in I}S_i=\{x|x\in S_i$ for at least one $i\in I\}$
For a finite collection of sets indeed by $I=\{1,2 ... , n\}$
we often write the intersection and unions of $\mathcal{C}=\{S_1,S_2, ... ,S_n\}$ as
> $\cap_{i=1}^n S_i = S_1\cap S_2\cap S_3\cap ... \cap S_n$
> $\cup_{i\in I}^n S_i=S_1\cup S_2\cup ... \cup S_n$
Def. Let $\{\S_i|i\in I\}$ be an indexed collection of sets.
> (a) The collection is [[Mutually disjoint]] if for all $i,j\in I$, if $S_i\neq S_j, then S_I =\cap S_j\space\emptyset$
> Equivalently: for all $i,j\in I$, $S_i=S_j\space or\space S_i\cap S_j=\emptyset$
> (b) The collection is [[nested]] if for all $i,j\in I$, $S_i\subseteq S_j$ or $S_j\subseteq S_i$
$S=\{x\in\mathbb{W}|x\notin M_{5}, x\in M_3\}$
---
> $B_n$ = $\{x\in\mathbb{R}\space\vert\space |x| < n\}$
$B_1$ = (-1,1)
$B_2$ = (-2,2)
$B_3$ =(-3, 3)
> [!note] incluse vs exclusion
$[-1,1]\neq (-1,1)$ where $n=\mathbb{R}$
let $A$ = $(-1,1)$
let $B$ = $[-1,1]$
$A\subseteq B$
$A\neq B$
| Q | P | A |
| ------------------ | ---------------------- | ------------------ |
| Mutually disjoint? | $B_n\subseteq B_{n+1}$ | False |
| Nested?<br> | $B_n\subseteq B_{n+1}$ | True |
| Intersect | $B\cap B_n$ | $B_1$ |
| Union<br> | $B\cup B_n$ | $(-\infty,\infty)$ |

82
content/Website Tutorial.md Normal file
View File

@@ -0,0 +1,82 @@
---
tags:
- public
- notes
- tutorial
- code
- project
- blog
---
# So you need a website
## Overview
1. How do websites work
2. 3 things that you need
3. What are your options
1. Premium
2. Custom
3. DIY
1. Registering a domain
1. What is DNS
2. Picking a domain
3. setting up a registrar
2. Building a frontend
1. Chat GPT
2. DeepSite
3. DIY options
4. UX and frontend resources
3. Setting up GH pages
1. GH account
2. Set up New Repo
3. Importing Code
4. Setting the DNS
## how do websites work
There are 3 main elements of the internet: your computer, the website's code, and the path between the two.
You can download [this page]() and open it in your computer. Notice how your browser's address doesn't say "Https://%url%" but instead shows a file location on your own machine.
The internet is the same phenomenon, but between multiple computers. URL, (the technical name for a link, or website address) simply stands for Universal Resource Locator and is just a way of telling your computer how to access a file on someone else's computer.*
There are lots of complicated standards for how computers actually talk to each other. The most relevant here is DNS, which stands for Domain Name System. It is how we assign internet-connected computers (called servers) with human readable names. There are special DNS servers which are responsible for telling your computer where in the world a specific website is stored.
A URL, a frontend, and server to host it are all that you need to create a website. I will explain how to simply and affordably (or even for free) set up each of these elements.
*url's can end in [.pdf](example), [.jpg](example), or other file extensions. Just like files on your computer.*
## What do you need
### A URL
Simply a link that is going to point to your website. You can buy one from a domain registrar and configure it in just a few minutes.
### A Website file to display
This is what people will see when they visit your website.
### A computer to display it on
There are myriad ways to accomplish this from renting a server from someone, to putting on in your house, to taking advantage of already free web hosting tools. I'm going to show you how to use GitHub's* free hosting service
*GitHub is owned by Microsoft and is the largest code distribution and hosting service. Most companies and developers rely on it's services daily.*
## Getting A Domain
The process of registering a domain takes only a few minutes, and a couple of steps.
There are a number of websites that control who has access to websites, and which servers they point to. They are all basically the same. I've picked out [namecheap](https://namecheap.com) for this tutorial.
To register a domain just head over to their site, find a domain that you want, and purchase it. Watch out for these:
1. First year prices are often discounted. Watch for a renewal rate.
2. Save your password somewhere. You will hopefully have this website for a long time, and you may have someone else manage it for you eventually.
3. Marketable domains are often short and easy to spell. Imagine verbally telling someone how to visit the website.
Make sure to verify your email and save your login information, as we will be needing to log back in shortly.
### Building a frontend

3
content/index.md
View File

@@ -1,3 +0,0 @@
# This is a test
and this is p
*italics*

10
content/test.md Executable file → Normal file
View File

@@ -1,3 +1,11 @@
---
public: "true"
tags:
- public
---
# This is a test # This is a test
and this is p and this is p
*italics* [https://localhost/test]()
[asd](https://localhost/test)

22
readme.md
View File

@@ -1,22 +0,0 @@
# Architecture
/app
> containts all of the files to build and run the docker container.Docker containter runs the application
/content
> contains all of the publicly accessible files
templates
notes
index
...
compose # compose file to mount content to app
build.sh #optional file to build the app
.env # enviroment var files for location of existing public directory. will depricate
# Dockerfile
> builds the flask application and sets it to run.
- runs the site
# app
- clones the public repo (from env var url)
- finds public notes and moves to content vault
- exposes webhook to update vault and public notes