More summaries and tags

content/posts/README.md

@@ -2,18 +2,17 @@
 author: "Halvo (Human)"
 title: "README"
 date: 2019-08-01
+tags:
+  - blog
+  - security
+  - notes
 draft: false
+summary: |
+  A quick intro to the personal security‑research blog—where I mash together mini‑studies, and reading notes.
 ---
 
 ## Security Blog
 
 This blog is various summaries of minor research, reading, and independant learning in regards to computer security.
 
-Mostly this blog is to satisfy the requiremnts for my Security+ certificate.
-
-## Cert ID
-
-Security+ ID: COMP001021281239
-
-Exp Date: 04/04/2024
 

content/posts/code-complete-summations-metaphors.md

@@ -2,7 +2,15 @@
 author: "Halvo (Human)"
 title: "Metaphors: Code Complete Summations"
 date: 2023-11-13
+tags:
+  - code-complete
+  - metaphors
+  - software-development
+  - security
+  - coding-practices
 draft: false
+summary: |
+  A light‑hearted look at Steve McConnell’s “Code Complete” metaphors—Penmanship, Farming, and Oyster Farming—and how each style can make your code more or less secure. Think of Penmanship as scribbling a quick note (great for tiny scripts, terrible for big projects), Farming as planting seeds with a bit of watering (testing each piece, but still lacking a master plan), and Oyster Farming as building a sturdy oyster bed (design first, then grow securely). Spoiler: the oyster wins the security contest.
 ---
 
 ## Introduction

content/posts/code-complete-summations-pre-requisets-part-1.md

@@ -2,7 +2,17 @@
 author: "Halvo (Human)"
 title: "Pre-Requisites (Part I) Initial Design: Code Complete Summations"
 date: 2023-12-20
+tags:
+  - pre-requisites
+  - insecure-design
+  - owasp-top-10
+  - security
+  - software-design
+  - planning
+  - requirements
 draft: false
+summary: |
+  A breezy, slightly tongue‑in‑cheek look at why solid planning isn’t just good housekeeping—it’s a frontline defense. We walk through OWASP’s Insecure Design warning, compare personal versus mission‑critical projects, and tease out iterative vs. sequential approaches, all with a sprinkle of humor to keep the security talk from feeling like a lecture.
 ---
 
 ## Introduction

content/posts/code-complete-summations-pre-requisets-part-2.md

@@ -2,7 +2,19 @@
 author: "Halvo (Human)"
 title: "Pre-Requisites (Part II) Initial Design: Code Complete Summations"
 date: 2023-12-26
+tags:
+  - pre-requisites
+  - insecure-design
+  - owasp-top-10
+  - architecture
+  - communication-protocols
+  - data-design
+  - ui-separation
+  - error‑logging
+  - security
 draft: false
+summary: |
+  A light‑hearted deep‑dive into architectural prerequisites—communication, class skeletons, data design, UI separation, and error/log handling. Think of it as laying a solid blueprint before the code construction crew arrives, because a wobbly foundation makes for a lot of late‑night debugging (and security headaches).
 ---
 
 ## Introduction

content/posts/code-complete-summations-pre-requisets-part-3.md

@@ -2,7 +2,19 @@
 author: "Halvo (Human)"
 title: "Pre-Requisites (Part III) Initial Design: Code Complete Summations"
 date: 2024-03-05
+tags:
+  - pre-requisites
+  - insecure-design
+  - owasp-top-10
+  - resource-management
+  - databases
+  - threading
+  - file-handles
+  - error-processing
+  - security
 draft: false
+summary: |
+  A breezy look at the nitty‑gritty of resource and error management—databases, threading, file handles, and error‑handling philosophies. It’s the “don’t forget to tighten the bolts” chapter, reminding us that unmanaged resources and sloppy error handling are the secret doors that attackers love to sneak through.
 ---
 
 ## Introduction

content/posts/code-complete-summations-variable-names.md

@@ -2,7 +2,15 @@
 author: "Halvo (Human)"
 title: "Variable Usage: Code Complete Summations"
 date: 2024-02-23
+tags:
+  - variable-naming
+  - code-complete
+  - security
+  - best-practices
+  - software-development
 draft: false
+summary: |
+  A breezy look at why good variable names, sensible placement, proper initialization, and single‑purpose usage aren’t just tidy coding habits—they’re tiny security shields. Clear names like `sanitizedUserInput` keep bugs (and attackers) from slipping through the cracks, while keeping variables close to their use and initialized from the get‑go reduces the chance of leaks, memory mishaps, and confusing code.
 ---
 
 ## Introduction

content/posts/exploring-enrollment-over-secure-transport.md

@@ -2,7 +2,17 @@
 author: "Halvo (Human)"
 title: "Exploring Enrollment over Secure Transport"
 date: 2023-03-30
+tags:
+  - est
+  - secure-transport
+  - certificate-pinning
+  - public-key
+  - tls
+  - authentication
+  - security
 draft: false
+summary: |
+  A light‑hearted dive into RFC 7030 (EST) as a smarter alternative to hard‑coded, pinned certificates. By letting clients fetch fresh TLS certs via a public‑key‑authenticated EST server, you dodge the nightly release‑cycle nightmare, gain easy revocation, and keep the private key out of the binary—plus a dash of extra work for the user that’s worth the security payoff.
 ---
 
 ## Introduction

content/posts/fast-flux-botnet-overview.md

@@ -2,7 +2,16 @@
 author: "Halvo (Human)"
 title: "Fast Flux Botnet Overview"
 date: 2019-09-26
+tags:
+  - fast-flux
+  - botnet
+  - dns
+  - detection
+  - mitigation
+  - security
 draft: false
+summary: |
+  A breezy, tour of fast‑flux botnets, those sneaky DNS tricks that let malicious actors hop around like digital grasshoppers. We’ll peek at how dynamic DNS and round‑robin magic keep the bad guys’ command‑and‑control servers slippery, and glance at the cat‑and‑mouse game of detection (TTL tricks, activity indexes, and the occasional semantic sleuthing). Spoiler: it’s a wild ride, but the good news is there are ways to shine a flashlight on the flux.
 ---
 
 ## Introduction

content/posts/pseudo-random-number-generators.md

@@ -2,7 +2,16 @@
 author: "Halvo (Human)"
 title: "Pseudo Random Number generators"
 date: 2024-03-22
+tags:
+  - prng
+  - randomness
+  - cryptography
+  - entropy
+  - hardware
+  - security
 draft: false
+summary: |
+  A light‑hearted tour of the quirky ways we coax randomness out of lava‑lamps, Geiger counters, ambient noise, and good‑old motherboard sensors, because good cryptography needs a little chaos (and a lot of fun).
 ---
 
 ## Introduction

content/posts/random-algorithm-analysis.md

@@ -2,7 +2,16 @@
 author: "Halvo (Human)"
 title: "Random Algorithm Analysis"
 date: 2020-04-17
+tags:
+  - random-algorithms
+  - analysis
+  - silence-on-the-wire
+  - security
+  - python
+  - randomness
 draft: false
+summary: |
+  A playful replay of Zalewski’s “Silence on the Wire” experiment: plotting 3‑D scattergrams of various RNGs (Python, shuf, urandom, online services) to see if any have secretly upgraded their magic. Spoiler: they all look suspiciously alike.
 ---
 
 ## Introduction

content/posts/rsa-optimization.md

@@ -2,7 +2,15 @@
 author: "Halvo (Human)"
 title: "RSA Optimization"
 date: 2022-12-06
+tags:
+  - rsa
+  - optimization
+  - instruction-set
+  - cryptography
+  - performance
 draft: false
+summary: |
+  A dive into a custom ISA for RSA: modular‑instruction shortcuts, multiply‑subtract tricks, and exponentiation‑by‑squaring hacks that shave a few cycles off the dreaded big‑number math.
 ---
 
 ## INTRODUCTION

content/posts/secure-coding-in-c-summations-concurrency.md

@@ -2,7 +2,16 @@
 author: "Halvo (Human)"
 title: "Concurrency: Summations of Secure Coding in C and C++"
 date: 2023-01-27
+tags:
+  - concurrency
+  - mutex
+  - threading
+  - c
+  - cpp
+  - secure-coding
 draft: false
+summary: |
+  A light‑hearted rant about why a plain‑old `mutex` is the hero of secure C/C++ concurrency, why `goto` is still secretly useful, and how to keep your locks short and your bugs shorter.
 ---
 
 ## Introduction

content/posts/secure-coding-in-c-summations-file-io.md

@@ -2,7 +2,16 @@
 author: "Halvo (Human)"
 title: "Concurrency: Summations of Secure Coding in C and C++"
 date: 2023-06-29
+tags:
+  - file-io
+  - secure-coding
+  - c
+  - cpp
+  - permissions
+  - least-privilege
 draft: false
+summary: |
+  A breezy guide to keeping file operations safe: validate paths, lock down permissions, and never let a privileged process wander into a user’s temp folder.
 ---
 
 ## Introduction

content/posts/secure-coding-in-c-summations-free-and-null.md

@@ -2,7 +2,17 @@
 author: "Halvo (Human)"
 title: "Set to NULL After Free: Summations of Secure Coding in C and C++"
 date: 2022-08-17
+tags:
+  - free-and-null
+  - secure-coding
+  - c
+  - cpp
+  - memory-management
+  - pointers
+  - security
 draft: false
+summary: |
+  A breezy, slightly tongue‑in‑cheek look at why setting pointers to `NULL` right after `free` (and a few related memory‑management niceties) can save you from nasty use‑after‑free bugs, memory leaks, and the occasional midnight debugging panic.
 ---
 
 ## Introduction

content/posts/secure-coding-in-c-summations-null-terminate-2.md

@@ -2,7 +2,15 @@
 author: "Halvo (Human)"
 title: "Always null Terminate (Part 2): Summations of Secure Coding in C and C++"
 date: 2022-08-13
+tags:
+  - string-concatenation
+  - null-termination
+  - c
+  - cpp
+  - secure-coding
 draft: false
+summary: |
+  The sequel to the null‑termination saga, now tackling `strcat`, `strncat`, `strlcat`, and friends—plus a quick table to keep your concatenations from turning into catastrophes.
 ---
 
 ## Introduction
@@ -11,7 +19,7 @@ Series on summarizing themes in "Secure Coding in C and C++" by Robert C. Seacor
 
 This is written for an audience that has a broad overview of security concepts. Not much time is spent explaining each concept, and I encourage everyone to read the book.
 
-The first theme to discuss is always `null` terminating `char *` or `char array` buffers (unless you have a *very* specific reason for not). This is very important to help prevent buffer overflows, reading arbitrary memory, accessing 'inaccessible' memory. This is part 2 where we will discuss string cat and length. For a brief discussion on string copy see [part 1](/posts/secure-coding-in-c-summations-null-terminate.md).
+The first theme to discuss is always `null` terminating `char *` or `char array` buffers (unless you have a *very* specific reason for not). This is very important to help prevent buffer overflows, reading arbitrary memory, accessing 'inaccessible' memory. This is part 2 where we will discuss string cat and length. For a brief discussion on string copy see [part 1](posts/secure-coding-in-c-summations-null-terminate.md).
 
 ## Functions Needing null
 

content/posts/secure-coding-in-c-summations-null-terminate.md

@@ -2,7 +2,15 @@
 author: "Halvo (Human)"
 title: "Always null Terminate: Summations of Secure Coding in C and C++"
 date: 2021-09-01
+tags:
+  - null-termination
+  - strings
+  - c
+  - cpp
+  - secure-coding
 draft: false
+summary: |
+  A light‑hearted reminder that every character buffer deserves a `'\0'`—otherwise you’re inviting buffer overflows, stray reads, and a lot of debugging grief.
 ---
 
 ## Introduction

content/posts/stateless-detection-of-malicious-traffic.md

@@ -2,7 +2,15 @@
 author: "Halvo (Human)"
 title: "Stateless Detection of Malicious Traffic"
 date: 2019-08-23
+tags:
+  - stateless-detection
+  - network-security
+  - traffic-analysis
+  - ids
+  - machine-learning
 draft: false
+summary: |
+  A recap of my master’s thesis that proves you can sniff out nasty traffic using only one‑way packet metadata (TTL, ports, timing)—no payload inspection required.
 ---
 
 ## Introduction