Hi! I am Paul Spencer, a computer scientist. I am currently a full-time software engineer at MITRE and a part-time grad student at Georgia Tech.
Some of my greatest interests include information security, operating systems, HPC, and networks.
Please see my about page for more on what I do, and my projects page for a sampling of my personal undertakings.
See the blog archives for a more complete list.
2023-01-23 - HackerMatch
I was fortunate enough to attend ShmooCon with some coworkers this last weekend. This was my first ever cybersecurity conference, so I wasn’t really there with a purpose, mostly just to see what these things are like. One thing I immediately noticed was everyone’s attitude toward the challenges. It seemed that everyone was overwhelmed by how many different challenges there were and how you could really only pick one to complete successfully due to the short duration of the conference.
Some challenges were technical, others were not. One challenge in particular was hosted by Polarity. Essentially, each conference attendee was handed a card when they arrived. The card had a “hash” (really just a long random-looking hex string) and a message saying that seven cards with your hash exist. If you find someone else with a matching hash (hash collision), you can go to the Polarity booth to each claim a prize.
2022-12-23 - OSCP Review
I have working on breaking into the field of cybersecurity for some time now. One of the most popular ways to do so is to earn certifications. I did some research on which certifications might be the most beneficial to me, and discovered that the best technical certs are from Offensive Security (to nobody’s surprise I’m sure- they also created Metasploit and Kali Linux). The Offensive Security Certified Professional cert is probably the most widely known of their offerings, so that is what I decided to shoot for first.
Purchasing the PEN-200 Penetration Testing with Kali Linux (PWK) course costs about $1500. It comes with a few items: a textbook, videos, access to exercises, and access to the PWK labs.
2022-12-08 - Docker Compose save and load
I recently had the opportunity to extend the Docker Compose codebase to add the
In order to deploy software in an airgapped environment, both software and configurations must be transferred between networks. When Docker Compose is used for deployment, a the items to transfer between networks include the
docker-compose.ymlconfig file and the Docker image for each service. There is no obvious existing tool to prepare these items for transfer between networks, so I decided to build my own.