mccormickt · mccormickt · Mar 5, 2025 · Mar 5, 2025 · Mar 5, 2025 · Mar 5, 2025
diff --git a/.github/workflows/action.yml b/.github/workflows/action.yml
diff --git a/.github/workflows/pages.yml b/.github/workflows/pages.yml
@@ -0,0 +1,31 @@
+on:
+  workflow_dispatch: {}
+  push:
+    branches:
+      - master
+  pull_request:
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    concurrency:
+      group: ${{ github.workflow }}-${{ github.ref }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Hugo
+        uses: peaceiris/actions-hugo@v3
+        with:
+          hugo-version: "latest"
+          extended: true
+
+      - run: hugo --minify
+
+      - name: Deploy
+        uses: peaceiris/actions-gh-pages@v3
+        if: ${{ github.ref == 'refs/heads/master' }}
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          publish_dir: ./public
+          cname: blog.jan0ski.net
diff --git a/.gitignore b/.gitignore
@@ -1 +1,2 @@
-book
+public
+.hugo_build.lock
diff --git a/.gitmodules b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "themes/risotto"]
+	path = themes/risotto
+	url = https://github.com/joeroe/risotto
diff --git a/README.md b/README.md
@@ -1,3 +1,3 @@
 # [mccormickt.github.io](https://mccormickt.github.io)
 
-Holds the source of my personal Security blog made using [mdbook](https://github.com/rust-lang/mdBook) and deployed with Github actions.
+Holds the source of my personal blog made using [hugo](https://gohugo.io) and deployed with Github actions.
diff --git a/archetypes/default.md b/archetypes/default.md
@@ -0,0 +1,5 @@
++++
+date = '{{ .Date }}'
+draft = true
+title = '{{ replace .File.ContentBaseName "-" " " | title }}'
++++
diff --git a/src/code/encrypted_payload_creator.go → assets/code/encrypted_payload_creator.go b/src/code/encrypted_payload_creator.go → assets/code/encrypted_payload_creator.go
diff --git a/src/code/encrypted_shellcode_template.go → assets/code/encrypted_shellcode_template.go b/src/code/encrypted_shellcode_template.go → assets/code/encrypted_shellcode_template.go
diff --git a/src/code/reverse_shell.go → assets/code/reverse_shell.go b/src/code/reverse_shell.go → assets/code/reverse_shell.go
diff --git a/src/code/shellcode_injection.go → assets/code/shellcode_injection.go b/src/code/shellcode_injection.go → assets/code/shellcode_injection.go
diff --git a/book.toml b/book.toml
diff --git a/content/index.md b/content/index.md
@@ -0,0 +1,8 @@
+# Compiling my journey through security research and systems programming.
+
+---
+
+## `$ ls ./`
+
+- [Offensive Go](/post/golang)
+- [Containers & Kubernetes](/post/k8s)
diff --git a/src/golang/code-injection.md → content/post/golang/code-injection.md b/src/golang/code-injection.md → content/post/golang/code-injection.md
@@ -1,4 +1,9 @@
-# Code Injection
++++
+date = '2025-03-04T21:55:26-05:00'
+draft = true
+title = 'Code Injection'
++++
+
 Example of injecting shellcode into a local process.
 
 ---
@@ -52,5 +57,3 @@ Since the msfvenom shellcode is 32-bit, we set the GOARCH environment variable a
 - [CreateRemoteThread Shellcode Injection](https://ired.team/offensive-security/code-injection-process-injection/process-injection)
 - [Using Go to Call the Windows API](https://medium.com/jettech/breaking-all-the-rules-using-go-to-call-windows-api-2cbfd8c79724)
 - [VirtualAlloc function - Win32 apps](https://docs.microsoft.com/en-us/windows/win32/api/memoryapi/nf-memoryapi-virtualalloc?redirectedfrom=MSDN)
-
-
diff --git a/src/golang/encrypted-generator.md → content/post/golang/encrypted-generator.md b/src/golang/encrypted-generator.md → content/post/golang/encrypted-generator.md
@@ -1,18 +1,23 @@
-# Encrypted Shellcode Injection 
++++
+date = '2025-03-04T21:55:26-05:00'
+draft = true
+title = 'Encrypted Shellcode Injection'
++++
+
 A tool to generate go source code to compile payloads utilizing encrypted shellcode injection. To be used with a template Go file to execute the encrypted shellcode.
 
 ---
 
 ## Encrypted Payload Generator
 * Generate shellcode with msfvenom or other tools.
-* Encrypt it using AES-256. 
-* Place the key and the encrypted shellcode into a template Go file. 
+* Encrypt it using AES-256.
+* Place the key and the encrypted shellcode into a template Go file.
 
 Usage:</br>
 `$ go run encrypted_payload_creator.go > payload.go`
 
 ```go
-{{#include ../code/encrypted_payload_creator.go}}
+{{#include ../../assets/code/encrypted_payload_creator.go}}
 ```
 
 ## The Payload Template
@@ -32,10 +37,10 @@ PS C:\> $Env:GOARCH=386; go build encrypted_shellcode.go
 
 Encrypted Shellcode Template
 ```go
-{{#include ../code/encrypted_shellcode_template.go}}
+{{#include ../../assets/code/encrypted_shellcode_template.go}}
 ```
 
 ---
 
 ## References
-- [tomsteele/penutils](https://github.com/tomsteele/pen-utils/blob/master/go-encrypt-shellcode-thing/main.go)
+- [tomsteele/penutils](https://github.com/tomsteele/pen-utils/blob/master/go-encrypt-shellcode-thing/main.go)
diff --git a/src/golang/exif-fuzz.md → content/post/golang/exif-fuzz.md b/src/golang/exif-fuzz.md → content/post/golang/exif-fuzz.md
@@ -1,4 +1,9 @@
-# Exif Parser Fuzzing
++++
+date = '2025-03-04T21:55:26-05:00'
+draft = true
+title = 'Exif Parser Fuzzing'
++++
+
 Writing a custom fuzzer for an exif parser using Go.
 
 ---
@@ -297,4 +302,3 @@ The full source of this lab can be found on my [Github](https://github.com/jan0s
 - [h0mbre - Fuzzing Like A Caveman](https://h0mbre.github.io/Fuzzing-Like-A-Caveman/#)
 - [jaybosamiya - Security Notes](https://github.com/jaybosamiya/security-notes#basics-of-fuzzing)
 - [Gynvael's Youtube Channel](https://www.youtube.com/channel/UCCkVMojdBWS-JtH7TliWkVg)
-
diff --git a/src/golang/index.md → content/post/golang/index.md b/src/golang/index.md → content/post/golang/index.md
@@ -1,6 +1,6 @@
 # Offensive Go
 
-## Code 
+## Code
 * [Reverse Shell](./rev-shell.md)
 * [Local Shellcode Injection](./code-injection.md)
 * [Encrypted Payload Generator](./encrypted-generator.md)

diff --git a/src/golang/rev-shell.md → content/post/golang/rev-shell.md b/src/golang/rev-shell.md → content/post/golang/rev-shell.md
@@ -1,9 +1,13 @@
-# Reverse Shell
++++
+date = '2025-03-04T21:55:26-05:00'
+draft = true
+title = 'Reverse Shell'
++++
 
 > <i class="fa fa-info-circle fa-lg"></i>
 To create a binary for a specific operating system or architecture, set the `GOOS` and `GOARCH` environment variables before running the `go build` command.<br/><br/>
 `$ GOOS=$target_os GOARCH=$target_arch go build reverse_shell.go`
 
 ```go
-{{#include ../code/reverse_shell.go}}
+{{#include ../../assets/code/reverse_shell.go}}
 ```
diff --git a/src/images/reverse_shell.png → content/post/golang/reverse_shell.png b/src/images/reverse_shell.png → content/post/golang/reverse_shell.png
diff --git a/src/k8s/hostpath.md → content/post/k8s/hostpath.md b/src/k8s/hostpath.md → content/post/k8s/hostpath.md
@@ -1,4 +1,9 @@
-# HostPath
++++
+date = '2025-03-04T21:55:26-05:00'
+draft = true
+title = 'HostPath'
++++
+
 Abusing HostPath to escape containers.
 
 ---
@@ -28,7 +33,7 @@ dev    home   lib    mnt    proc   run    srv    tmp    var
 groups: cannot find name for group ID 11
 To run a command as administrator (user "root"), use "sudo <command>".
 See "man sudo_root" for details.
-root@3396f9188944:/# 
+root@3396f9188944:/#
 ```
 Show release information has changed to Ubuntu (WSL)
 ```
@@ -72,7 +77,7 @@ spec:
       mountPath: "/host"
   volumes:
   - name: root
-    hostPath: 
+    hostPath:
       path: "/"
 ```
 Exec into pod to see mounted host directory just like docker
@@ -82,7 +87,7 @@ pod/noderoot created
 
 $ kubectl exec -it pod/noderoot -- /bin/bash
 bash-5.0# chroot /host bash
-[root@noderoot /]# 
+[root@noderoot /]#
 ```
 
 `chroot` onto the host
@@ -152,4 +157,4 @@ Bounding set =cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fset
 - [Linux Capabilities](https://linux-audit.com/linux-capabilities-101/)
 - [The Path Less Traveled: Abusing K8s Defaults - Ian Coldwater & Duffy Cooley](https://www.youtube.com/watch?v=HmoVSmTIOxM)
 - [Seccomp Security Profiles and You - Duffy Cooley](https://www.youtube.com/watch?v=OPuu8wsu2Zc)
-- [Kubernetes Goat - Intentional Vulnerable K8s Cluster](https://github.com/madhuakula/kubernetes-goat)
+- [Kubernetes Goat - Intentional Vulnerable K8s Cluster](https://github.com/madhuakula/kubernetes-goat)
diff --git a/content/post/k8s/index.md b/content/post/k8s/index.md
@@ -0,0 +1,4 @@
+# Containers & Kubernetes
+
+* [HostPath](./hostpath.md)
+* [Attacking Kube_Security_Lab w/ Client-go](./kubesec-sdk.md)
diff --git a/hugo.toml b/hugo.toml
@@ -0,0 +1,90 @@
+baseURL = 'https://blog.jan0ski.net/'
+languageCode = 'en-us'
+title = "Jan0ski's Security Blog"
+author = 'Tommy McCormick'
+theme = 'risotto'
+
+# Generate a nice robots.txt for SEO
+enableRobotsTXT = true
+sectionPagesMenu = 'main'
+
+[pagination]
+# Number of pages to include in the paginator
+# before and after the current page
+pagerSize = 3
+
+[params.about]
+title = "Tommy McCormick"
+description = "cloud native security, go, & rust"
+
+[params.theme]
+palette = "base16-dark"
+
+# Sidebar: about/bio
+## Sidebar: social links
+[[params.socialLinks]]
+icon = "fa-brands fa-github"
+title = "GitHub"
+url = "https://github.com/mccormickt"
+
+[[params.socialLinks]]
+icon = "fa-solid fa-envelope"
+title = "Email"
+url = "mailto:mccormickt9@gmail.com"
+
+[[params.socialLinks]]
+icon = "fa-brands fa-square-bluesky"
+title = "Bluesky"
+url = "https://bsky.app/profile/jan0ski.net"
+
+[menu]
+
+[[menu.main]]
+identifier = "about"
+name = "About"
+url = "/about/"
+weight = 10
+
+[taxonomies]
+category = "categories"
+tag = "tags"
+
+# For hugo >= 0.60.0, enable inline HTML
+[markup.goldmark.renderer]
+unsafe = true
+
+[markup]
+
+# Table of contents
+# Add toc = true to content front matter to enable
+[markup.tableOfContents]
+startLevel = 2
+endLevel = 3
+ordered = true
+
+[privacy]
+
+[privacy.vimeo]
+disabled = false
+simple = true
+
+[privacy.x]
+disabled = false
+enableDNT = true
+simple = true
+
+[privacy.instagram]
+disabled = false
+simple = true
+
+[privacy.youtube]
+disabled = false
+privacyEnhanced = true
+
+[services]
+
+[services.instagram]
+disableInlineCSS = true
+
+[services.x]
+disableInlineCSS = true
diff --git a/src/SUMMARY.md b/src/SUMMARY.md
diff --git a/src/k8s/index.md b/src/k8s/index.md
diff --git a/src/prefix.md b/src/prefix.md
diff --git a/themes/risotto b/themes/risotto