Starting a lab notebook
Why this blog exists, and the one rule I'm holding myself to: write up the dead ends, not just the wins.
This is the first entry. It exists mostly to prove the pipeline works — but also to set the one rule I care about: document the failures.
Most security write-ups present a clean path from question to exploit, as if the author never took a wrong turn. That’s not how any of it actually happens, and pretending otherwise makes the field feel more gatekept than it is. So the deal here is that the confusion stays in.
What this looks like in practice
A post here should have a shape:
- A specific, concrete thing I didn’t understand.
- The messy middle — what I tried, what broke, what I misread.
- Whatever I actually walked away knowing.
Code renders like this
Syntax highlighting is done at build time, so there’s no JavaScript shipped to your browser for it:
import socket
def grab_banner(host: str, port: int, timeout: float = 2.0) -> str:
with socket.create_connection((host, port), timeout) as s:
s.settimeout(timeout)
return s.recv(1024).decode(errors="replace").strip()
if __name__ == "__main__":
print(grab_banner("127.0.0.1", 22))And inline code looks like this. Block quotes are for the asides:
The scope is always systems I own or platforms built for testing. That line is the whole game.
That’s it. Replace this file with something real when you’re ready.