PocketNotes . . .

~online notebook~

pyautogui is a python module to automate keyboard and mouse actions. I found this very interesting and creepy too ! :).

Here are few things to πŸ“ note,


Here is a short blog post to understand digital signatures and how public and private key works.

Digital signature has three parts to it, 1. A key generation algorithm (which creates public-private key pair) 2. Hashing /Signing algorithm. When a message and private key is given as input, this gives a hash value as an output. Variable length input fixed length output.


Here are few interesting things I came across this week,

  • Gatekeeper bypass in MacOS. According to researcher, this attack is a combination of two things. Auto mount network drives and No check for symlinks when zip files are decompressed. Attack –>User maps a remote network share and downloads a symlink enabled β€œ.zip” is. User decompresses this,

Loading folder path and filenames manually gives many errors. Spaces, spelling, different file paths and many others add to these. One way to avoid this is to allow the user to choose the path and filenames. Unless these are some predefined file/folderpaths which are static everywhere.

In this blog post two PowerShell functions will be defined for this purposes.

Folder Path

This script will create a pop-up window to select folder path.



Qualys has published a detailed guide on using API. Primarily this blog will concentrate on β€œcURL” and β€œPowerShell” as the scripting language to query the API.

Note on API limits: Qualys has applied rate limit on API calls based on subscription. Reading API limit is easy, look for X-Powered-By header in http-reponse headers, β€œX-RateLimit-Limit:” API calls per β€œX-RateLimit-Window-Sec:/60*60” hrs. Ex: if β€œX-RateLimit-Limit: 100” β€œX-RateLimit-Window-Sec: 86400” Then,



We need three virtual machines to recreate this attack. I used virtual box to setup these virtual machines. All three machines should be on same subnet.

All three machines are in β€œNat in network” mode. Attacker machine can be of any OS. Victim should be of Windows OS(any windows OS will do good for demo)


Enter your email to subscribe to updates.