Thankful to be here ๐ŸŒ
12741 words

Fave YouTube Chanels ๐Ÿ“ผ

๐Ÿ”จ Hardware/ Electronics/ DIY

๐Ÿ” Cyber Security/ Hacking

๐Ÿ’ฟ Linux / Servers

๐Ÿงฎ Coding/ Algorithms/ Math

๐Ÿ’ป Technology/ PCs/ Consumer Electronics

๐Ÿ›ฐ Astronomy

๐Ÿ“บ Cartoons

โœ Bible

๐Ÿš… Trains

๐Ÿงช Science/ Engineering

๐Ÿƒโ€โ™‚๏ธ Motivational/ Lifestyle

๐Ÿ‘พ Fun/ Sometimes Educational

โšฐ Past Legends/ Rarely Updated

๐ŸŒŸ Personal Favorite Favorites


These are my personal favorite YouTube channels, the talent and hard work behind each of these channels is very inspirational. Since I can't feasibly financially support all of them, I am instead sharing there content here.

I try to avoid using the official YouTube app and website (due to privacy concerns) (I instead use Invidious (web) / FreeTube (desktop) / NewPipe (mobile)). Therefore I need to manage my subscriptions externally, and that is part of what this list is for.

[HOW-TO] Use SSH for Server Authentication ๐Ÿ”“

Option #1 - Manual Configuration

Generating a new SSH Key Pair

  1. Run ssh-keygen -t rsa -b 4096
  2. When prompted, enter a passphrase
  3. SSH keys should be stored in ~/.ssh/

Importing Public Key to Remote Machine

  1. SSH into remote server, with username + password
  2. cd into your /home directory, and mkdir .ssh
  3. Copy public key from local to remote machine scp ~/.ssh/ user@
  4. Append SSH public key to authorized hosts file cat ~/.ssh/ >> ~/.ssh/authorized_keys
  5. Set permissions to .ssh directory (read, write, execute) and files (read, write) chmod 700 ~/.ssh/ && chmod 600 ~/.ssh/*

Disable Password Authentication

  1. Make a backup of the sshdconfig file, before modifying it `sudo cp /etc/ssh/sshdconfig.backup`
  2. Turn off password authentication
    • sudo vim /etc/ssh/sshd_config
    • Find #PasswordAuthentication yes and replace with PasswordAuthentication no
    • Save and exit
  3. Restart SSH service sudo service ssh restart

Option #2 - SSH Copy ID Command

After generating an SSH key pair, simple run ssh-copy-id user@
This adds your public key to the .ssh/authorized_keys file on the remote server

Further Links

[HOW-TO] Operate the SharkJack ๐Ÿฆˆ

A Quick-Start Guide for the Hak5 SharkJack, a portable network attack tool

Access the SharkJack

  1. Switch to Arming Mode (center), and connect to PC via Ethernet
  2. Find the IP: Default is, run ifconfig to check
  3. Login: ssh root@, using password hak5shark
  4. On first setup, change the default password, run passwd

Navigating the SharkJack

  • The active payload is located at: ~/payload/
  • Captured loot is stored with the ~/loot/... directory
  • To save all loot locally, run: scp -r root@* .
  • To upload a new payload, run scp root@

Conducting an Attack

  1. Flip into Attack Mode (fully forward), and wait for LED to go magenta
  2. Plug device into victim Ethernet port, watch LED's blink
  3. Once LED turns off, unplug device and switch to off

Out-of-the box, the ShakJack comes with an nmap payload, useful for initial network reconnaissance

Additional Tools

CLI Helper Tool

The SharkJack Helper a CLI tool for carrying out common tasks:
Get a shell, push a payload, grab saved loot and upgrade the firmware etc

  1. Download from:
  2. Make executable: chmod +x
  3. Run ./, and follow on-screen prompts

Web Interface

Once the firmware has been updated (V1.01 and newer), you can access the SharkJack's web interface by visiting in your browser. From here you can view and modify the current payload, download your loot and view device status

Cloud C2

  1. Download and run Cloud C2 for your system, from
  2. Go to Add Device --> SharkJack. Then select the listing --> Setup, and config file will download
  3. The device.config needs to be uploaded to /etc. Run scp device.config root@
  4. To connect, run CTCONNECT. Back on the web interface, your now able to open a shell, for remote access!
  5. To get the loot, run C2EFIL STRING /root/loot/nmap/nmap-scan_1.txt nmap, data now will show up in Loot tab!

Note that it the SharkJack does not connect to CloudC2 automatically, but by using the CTCONNECT and C2EFIL .. commands to your payload, you'll be able to exfiltrate the loot immediately, and access it remotely.

Reference Info

Switch Positions

  • Back: Off/ Charging
  • Middle: Arming Mode
  • Front: Attack Mode

LET Lights

  • Green (blinking): Booting up
  • Blue (blinking): Charging
  • Blue (solid): Fully Charged
  • Yellow (blinking): Arming Mode
  • Red (blinking): Error / No Payload

Individual Payloads have their own LED routines, but usually:
Red: Setup, Amber: Scanning, Green: Finished


  • OS: OpenWRT 19.07-based GNU/Linux
  • SoC: 580MHz MediaTek MT7628DAN mips CPU
  • MEMORY: 64 MB DDR2 RAM, 64 MB SPI Flash
  • IO: RJ45 IEEE 802.3 Ethernet + USB-C charge port
  • DIMENSIONS: 62 x 21 x 12 mm
  • POWER: 2.5W (USB 5V 0.5A)
  • BATTERY: 1S 401020 3.7V 50mAh 0.2W LiPo
  • BATTERY TIMES: ~15 mins run, ~7 mins charge
  • TEMP: Operating- 35ยบC ~ 45ยบC, Storage -20ยบC ~ 50ยบC
  • RELATIVE HUMIDITY: 0% to 90% (noncondensing)

My worry about the future of Keybase ๐Ÿ˜Ÿ

When I heard that Zoom had acquired Keybase last week, my initial reaction was that it was a prank.

A bit of background

Keybase is a cryptography-based platform, where you control your private keys and use them to encrypt files, messages and more. It's mostly used by techy people and the privacy-conscious. Personally, I've been a big fan, and user of keybase for the past 4 years.
And Zoom, it seemed to come from nowhere when lockdown started, suddenly it was super popular: it has allowed us to stay in touch with our friends and family, for free and with excellent video quality. But it seems that nearly everyday recently, there's been another critical security issue with Zoom, they don't come across as a company that values the privacy of their users.

My Worries about the future of Keybase

This is an extract from the acquisition article posted on Keybase:

"Initially, our single top priority is helping to make Zoom even more secure. There are no specific plans for the Keybase app yet. Ultimately Keybase's future is in Zoom's hands, and we'll see where that takes us. Of course, if anything changes about Keybaseโ€™s availability, our users will get plenty of notice."

This is what worries me about the above quote:

  • "๐˜–๐˜ถ๐˜ณ ๐˜ด๐˜ช๐˜ฏ๐˜จ๐˜ญ๐˜ฆ ๐˜ต๐˜ฐ๐˜ฑ ๐˜ฑ๐˜ณ๐˜ช๐˜ฐ๐˜ณ๐˜ช๐˜ต๐˜บ ๐˜ช๐˜ด ๐˜ฉ๐˜ฆ๐˜ญ๐˜ฑ๐˜ช๐˜ฏ๐˜จ ๐˜ต๐˜ฐ ๐˜ฎ๐˜ข๐˜ฌ๐˜ฆ ๐˜ก๐˜ฐ๐˜ฐ๐˜ฎ ๐˜ฆ๐˜ท๐˜ฆ๐˜ฏ ๐˜ฎ๐˜ฐ๐˜ณ๐˜ฆ ๐˜ด๐˜ฆ๐˜ค๐˜ถ๐˜ณ๐˜ฆ" - Implies, that the KeyBase team will now be working on the Zoom platform, and not Keybase.
  • "๐˜Œ๐˜ท๐˜ฆ๐˜ฏ ๐˜ฎ๐˜ฐ๐˜ณ๐˜ฆ ๐˜ด๐˜ฆ๐˜ค๐˜ถ๐˜ณ๐˜ฆ" - HA! They are pretending Zoom is secure
  • "๐˜›๐˜ฉ๐˜ฆ๐˜ณ๐˜ฆ ๐˜ข๐˜ณ๐˜ฆ ๐˜ฏ๐˜ฐ ๐˜ด๐˜ฑ๐˜ฆ๐˜ค๐˜ช๐˜ง๐˜ช๐˜ค ๐˜ฑ๐˜ญ๐˜ข๐˜ฏ๐˜ด ๐˜ง๐˜ฐ๐˜ณ ๐˜ต๐˜ฉ๐˜ฆ ๐˜’๐˜ฆ๐˜บ๐˜ฃ๐˜ข๐˜ด๐˜ฆ ๐˜ข๐˜ฑ๐˜ฑ ๐˜บ๐˜ฆ๐˜ต" - this doesn't sound good
  • "๐˜œ๐˜ญ๐˜ต๐˜ช๐˜ฎ๐˜ข๐˜ต๐˜ฆ๐˜ญ๐˜บ ๐˜’๐˜ฆ๐˜บ๐˜ฃ๐˜ข๐˜ด๐˜ฆ'๐˜ด ๐˜ง๐˜ถ๐˜ต๐˜ถ๐˜ณ๐˜ฆ ๐˜ช๐˜ด ๐˜ช๐˜ฏ ๐˜ก๐˜ฐ๐˜ฐ๐˜ฎ'๐˜ด ๐˜ฉ๐˜ข๐˜ฏ๐˜ฅ๐˜ด" - FUCK
  • "๐˜ช๐˜ง ๐˜ข๐˜ฏ๐˜บ๐˜ต๐˜ฉ๐˜ช๐˜ฏ๐˜จ ๐˜ค๐˜ฉ๐˜ข๐˜ฏ๐˜จ๐˜ฆ๐˜ด ๐˜ข๐˜ฃ๐˜ฐ๐˜ถ๐˜ต ๐˜’๐˜ฆ๐˜บ๐˜ฃ๐˜ข๐˜ด๐˜ฆโ€™๐˜ด ๐˜ข๐˜ท๐˜ข๐˜ช๐˜ญ๐˜ข๐˜ฃ๐˜ช๐˜ญ๐˜ช๐˜ต๐˜บ" - Makes it sound like Keybase could one day be discontinued

And from the Zoom blog post:

  • "๐˜ž๐˜ฆ ๐˜ข๐˜ณ๐˜ฆ ๐˜ฆ๐˜น๐˜ค๐˜ช๐˜ต๐˜ฆ๐˜ฅ ๐˜ต๐˜ฐ ๐˜ช๐˜ฏ๐˜ต๐˜ฆ๐˜จ๐˜ณ๐˜ข๐˜ต๐˜ฆ ๐˜’๐˜ฆ๐˜บ๐˜ฃ๐˜ข๐˜ด๐˜ฆโ€™๐˜ด ๐˜ต๐˜ฆ๐˜ข๐˜ฎ ๐˜ช๐˜ฏ๐˜ต๐˜ฐ ๐˜ต๐˜ฉ๐˜ฆ ๐˜ก๐˜ฐ๐˜ฐ๐˜ฎ ๐˜ง๐˜ข๐˜ฎ๐˜ช๐˜ญ๐˜บ" - Yup, they bought Keybase just to use their engineers
  • "๐˜›๐˜ฉ๐˜ช๐˜ด ๐˜ข๐˜ค๐˜ฒ๐˜ถ๐˜ช๐˜ด๐˜ช๐˜ต๐˜ช๐˜ฐ๐˜ฏ ๐˜ฎ๐˜ข๐˜ณ๐˜ฌ๐˜ด ๐˜ข ๐˜ฌ๐˜ฆ๐˜บ ๐˜ด๐˜ต๐˜ฆ๐˜ฑ ๐˜ง๐˜ฐ๐˜ณ ๐˜ก๐˜ฐ๐˜ฐ๐˜ฎ ๐˜ข๐˜ด ๐˜ธ๐˜ฆ ๐˜ข๐˜ต๐˜ต๐˜ฆ๐˜ฎ๐˜ฑ๐˜ต ๐˜ต๐˜ฐ ๐˜ข๐˜ค๐˜ค๐˜ฐ๐˜ฎ๐˜ฑ๐˜ญ๐˜ช๐˜ด๐˜ฉ ๐˜ต๐˜ฉ๐˜ฆ ๐˜ค๐˜ณ๐˜ฆ๐˜ข๐˜ต๐˜ช๐˜ฐ๐˜ฏ ๐˜ฐ๐˜ง ๐˜ข ๐˜ต๐˜ณ๐˜ถ๐˜ญ๐˜บ ๐˜ฑ๐˜ณ๐˜ช๐˜ท๐˜ข๐˜ต๐˜ฆ ๐˜ท๐˜ช๐˜ฅ๐˜ฆ๐˜ฐ ๐˜ค๐˜ฐ๐˜ฎ๐˜ฎ๐˜ถ๐˜ฏ๐˜ช๐˜ค๐˜ข๐˜ต๐˜ช๐˜ฐ๐˜ฏ๐˜ด ๐˜ฑ๐˜ญ๐˜ข๐˜ต๐˜ง๐˜ฐ๐˜ณ๐˜ฎ" - I don't think they have any intention of creating a "truly private" platform. And the word "attempt" doesn't exactly instill confidence in me
  • "๐˜–๐˜ถ๐˜ณ ๐˜จ๐˜ฐ๐˜ข๐˜ญ ๐˜ช๐˜ด ๐˜ต๐˜ฐ ๐˜ฑ๐˜ณ๐˜ฐ๐˜ท๐˜ช๐˜ฅ๐˜ฆ ๐˜ต๐˜ฉ๐˜ฆ ๐˜ฎ๐˜ฐ๐˜ด๐˜ต ๐˜ฑ๐˜ณ๐˜ช๐˜ท๐˜ข๐˜ค๐˜บ ๐˜ฑ๐˜ฐ๐˜ด๐˜ด๐˜ช๐˜ฃ๐˜ญ๐˜ฆ ๐˜ง๐˜ฐ๐˜ณ ๐˜ฆ๐˜ท๐˜ฆ๐˜ณ๐˜บ ๐˜ถ๐˜ด๐˜ฆ ๐˜ค๐˜ข๐˜ด๐˜ฆ, ๐˜ธ๐˜ฉ๐˜ช๐˜ญ๐˜ฆ ๐˜ข๐˜ญ๐˜ด๐˜ฐ ๐˜ฃ๐˜ข๐˜ญ๐˜ข๐˜ฏ๐˜ค๐˜ช๐˜ฏ๐˜จ ๐˜ต๐˜ฉ๐˜ฆ ๐˜ฏ๐˜ฆ๐˜ฆ๐˜ฅ๐˜ด ๐˜ฐ๐˜ง ๐˜ฐ๐˜ถ๐˜ณ ๐˜ถ๐˜ด๐˜ฆ๐˜ณ๐˜ด ๐˜ข๐˜ฏ๐˜ฅ ๐˜ฐ๐˜ถ๐˜ณ ๐˜ค๐˜ฐ๐˜ฎ๐˜ฎ๐˜ช๐˜ต๐˜ฎ๐˜ฆ๐˜ฏ๐˜ต ๐˜ต๐˜ฐ ๐˜ฑ๐˜ณ๐˜ฆ๐˜ท๐˜ฆ๐˜ฏ๐˜ต๐˜ช๐˜ฏ๐˜จ ๐˜ฉ๐˜ข๐˜ณ๐˜ฎ๐˜ง๐˜ถ๐˜ญ ๐˜ฃ๐˜ฆ๐˜ฉ๐˜ข๐˜ท๐˜ช๐˜ฐ๐˜ณ ๐˜ฐ๐˜ฏ ๐˜ฐ๐˜ถ๐˜ณ ๐˜ฑ๐˜ญ๐˜ข๐˜ต๐˜ง๐˜ฐ๐˜ณ๐˜ฎ" - When they talk about "balancing" the needs of customers, this implies that they will not be aiming for true end-to-end encryption and anonymity, it could be possible but I doubt Zoom will peruse that path

I know all this is just legal speak, and they have to word it in this way to cover themselves, but too me this is worrying. I'd come to love Keybase over the years, the team behind it are very talented, and have done an amazing job. It's going to be sad to say goodbye, but for now I'm going to enjoy it while I can :)

Expressing my Gratitude to the Universe ๐ŸŒŒ

Dear Universe,

AHT GPG Public Key ๐Ÿ”‘



Fingerprint: 8426 00E4 EDB7 9521 732F 4E6C 8E23 EC73 CE89 3A69

[HOW-TO] Enable/ Disable Pi-Hole from CLI ๐Ÿฅง

Pi Hole has an API that can be hit from browser, PostMan or CLI
This is useful for creating a physical button, voice command or automation script

To enable or diable Pi Hole, just hit the following end points
Disable URL : http://pi.hole/admin/api.php?disable&auth=[WEB_PASSWORD]
Enable URL : http://pi.hole/admin/api.php?enable&auth=[WEB_PASSWORD]
Disable for [X] Seconds: http://pi.hole/admin/api.php?disable=[X]&auth=[WEB_PASSWORD]

[WEB_PASSWORD] can be found in /etc/pihole/setupVars.conf
It is a 64-character string with the identifierWEBPASSWORD
It is NOT your pi-hole interface or server password

API Docs:

Or, if logged into pi server, run: pihole enable

Hello World ๐Ÿ‘‹

This is my blog. It has a bunch of random notes. The stuff here is mostly pointless, some of it's cool- but most of it pointless. Kind of like the rest of what I do with my life.

I keep the posts and information up-to-date.