An attempt at building small scale, repeatable (but not reproducible), Security Labs for the small scale researcher
I have noticed that most configuration management, and virtual infrastructure management, focuses on users with more resources. This is my attempt to fill the gap. Right now it's home to a few configs and commands and none of them are production ready. Some flat out don't work yet.
One of the harder parts of doing small scale research is sometimes choosing your tooling and rarely does anybody discuss the whys. My Plan is to provide configurations and technology choices so that you can either use mine, or you can at least have a good base to start your own.
- Puppet
- Virtual Machine Image Builds
- ConfigurationsI
- Convenient Shell Scripts
- Actual Write-ups
This repository has been archived and superseded by [Kali-Bootstrap-Documentation https://github.com/HowWeLand/Kali-Bootstrap-Project/tree/main**].**
This repo contains exploratory work and proof-of-concept scripts that demonstrate useful patterns, even if the overall structure has been superseded.
- javascript-apocalypse.sh - Demonstrates aptitude tagging for tracking transitive JavaScript dependencies across multiple package managers
- dependency-detective.sh - Forensic analysis for orphaned package dependencies
- apt-tag system - Semantic package management using aptitude user tags
These scripts showcase problem-solving approaches that may be useful as reference material.
The systematic documentation project at [new repo link] takes a more structured approach with:
- Epistemological transparency (explaining why not just how)
- Modular decision points
- Threat modeling
- Anti-cargo-culting documentation
This archive remains as a record of the exploratory phase that led to that methodology.
Status: Locked and archived [11-30-2025]