Today I will go through how to setup your Freestyle and Pipeline jobs on Jenkins. If you still don’t have any idea on how to setup your Jenkins server. Here you are.

0x01 Freestyle Job

Freestyle job is the easy way to automate your build or testing jobs on Jenkins. On the Dashboard page, click New Item, name your item name and then choose Freestyle project and then click ok. At this time, you have to configure your freestyle project. In General section, you can config some basic information for this project as well as restrict this project only running on specific worker…


If you ever heard about CI/CD before, you must heard about Jenkins. Jenkins is the leading open source automation server which can build your code to complete your Continuous Integration and Continuous Delivery. I have been using Jenkins for a while. I will do a quick walk-through to guide you how to setup your first Jenkins server quickly and how to add worker agent.

In this article, I will use docker to install Jenkins as example. There are lots of different way to do it. Please refer here. Let’s start it

0x01 Installation

First, you have to create one folder to store…


Container technology is the most popular topic in recent years. Kubernetes is the orchestration system for container environment which is used by lots of people all around the world. You can easily setup your Kubernetes cluster on AWS, Azure and Google Cloud. What if you have to setup one cluster in your datacenter on your bare metal machines? This article will describe how you setup your Kubernetes cluster on your bare metal machines !!! I will use Ubuntu 18.04 as my example here.

0x01 Prerequisite

Before you kick off you installation, we have to check if br_netfilter kernel module has been loaded…


Shodan is one of the most powerful search engine for security researcher or pentester. You can find specific type of computer, like webcam, router, etc.. currently connecting on the internet and you can also find just “no password” system currently on line. CNN called Shodan the “Scariest search engine on the Internet” in 2013. So let’s start it !

0x01 Installation

Python and pip should be pre-installed on your system. And you can just quickly install shodan cli via pip.

pip3 install shodan

0x02 Get Your API key and Init Your Shodan CLI

Login to your Shodan website and click Account. You will find out your API key.


Recently I just provided one talk regarding container security in InfoSec Taiwan 2020 conference for Cloud Security Alliance community. Microservice is the most popular topic for about 3~5 years. Containerize your services is the main approach to orchestra your microservice. Gartner also predicts that by 2023, 70% of organizations will be running three or more containerized application in production.

In the past, developer and tester uses virtual machine to develop and test their product. When container technology comes out, all of them jump into it to expedite the whole development circle. Container technology provides the more convenience and fast way…


Recently I gave one speech in CyberSec 2020 conference hosted by iThome and talked about Internet route integrity. This article will note something regarding this event briefly and hope helping anyone interested in this field.

There are 2 major component composed Internet: Autonomous System (AS) and Internet Address (IP). IANA (Internet Assigned Numbers Authority) holds these 2 Internet number resources. IANA delegates Internet resources to 5 RIRs (Regional Internet Registry) which are AFRINIC, ARIN, APNIC, LACNIC and RIPE NCC. RIRs will assign these Internet number resources to companies or organizations which would provide Internet service. …


In this article, I will note and organize some privilege escalation skills used in my OSCP lab. Some are straightforward but fews are tricky. You have to refresh your brain and turn a corner. Before reading it, I highly recommend you to check g0tmi1t’s blog for basic Linux privilege escalation. Here comes the URL: https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/

\x01 Kernel Exploit

For kernel exploit, you have to identify the kernel version and what distribution you used. You can type the following command to do it, and then search any related exploits on exploit DB, wget it, fix it, compile it and execute it. …


Before you dig into it, I encourage you checking the following web site for your Windows Privilege Escalation.

https://www.fuzzysecurity.com/tutorials/16.htm

Privilege escalation on Windows platform was one of the hardest parts to me while my OSCP lab time. In my daily job and life, I don’t use Windows platform so often and am not familiar with it. I spent lots of time searching the related information on Google and try to organize all of my finding and do my best to note the scenario I encountered in OSCP lab to help the ones who need in any way.

\x01 Kernel Exploit

This is the…


(2020/02/11 Update: After installation, I keep facing pod network issue which is like deployed pod is unable to reach external network or pods deployed in different workers are unable to ping each other even I can see all nodes (master, worker1 and worker2) are ready via kubectl get nodes. After checking through the Kubernetes.io official website, I observed the nfstables backend is not compatible with the current kubeadm packages. Please refer the following link in “Ensure iptables tooling does not use the nfstables backend”. Please see the we link below:

The workaround will be to switch iptables to ‘legacy’ mode…


If you never try it, you won’t earn it. Recently I just completed PWK courses and earned my OSCP certification. It’s really a hard journey and it deserves to be my very first story on Medium!

After this, I will keep posting related technical stories which was found and re-organized during my preparation of OSCP. Please stay tuned.

\x01 Before OSCP

I heard OSCP about one year ago and think this would be significant milestone to my career path. Before starting your PWK course, I strongly recommend to try yourself on VulnHub and Hack In The Box. I sometimes spent all my weekend…

Jie Liau

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store