skz-opack

December 4, 2023

skz-opack is an automated OpenBSD bootstrapper.

Leveraging Packer, Vagrant boxes and a bit of black magic (also known as scripting) it enables frictionless execution of this wonderful operating system within a local virtual machine from a Linux host.

It can also emit a compliant Google Compute Engine image, ran in the cloud using Terraform.

skz-wg

September 12, 2023

skz-wg is a WireGuard VPN + lying Unbound DNS server + OpenBSD's Packet Filter firewall automated setup for OpenBSD with client configuration management.

It includes configuration files and QRcodes for clients, alongside inbound and outbound packet filtering to avoid leaks.

EuroBSDCon 2022

September 18, 2022

Code and slides for my talk Reviving and evaluating Thompson’s backdoor in OpenBSD’s make.

You can reproduce the evil binary backdoored make inside a VM with a prior version of skz-opack

IBM Blog

September 30, 2019

L’open source, indispensable à une entreprise résiliente

A post published on the official IBM Blog.

skz-pki

September 23, 2019

skz-pki is an idempotent PKI management system for OpenSSL, in a Makefile.

It supports adding servers and clients certificates via an intermediate CA for x509 and S.MIME, as well as revokation.

It still needs improvements for OSCP and alternative names.