Wiz Kubernetes LAN Party – Challenge Write-Up I spent some time working through the K8s LAN Party CTF challenges. They were tricky but really fun, and each one tested a different piece of Kubernet...

Troubleshooting Datadog APM Injection with Wiz Policies: What I Learned About Admission Controllers & AI Today a colleague brought me an issue: Wiz was blocking Pods in one of our Kubernetes c...

Cloudflare WAF (Part 1): Setting Up a Lab with Workers and Custom Rules I’ve been meaning to get some hands-on experience with Cloudflare’s Web Application Firewall (WAF). Since I already had a sp...

When Scripts Leak Secrets: API Credentials on macOS Endpoints One of the lesser-discussed security risks in endpoint management is the exposure of API credentials in scripts. I’ve run into this is...

Playing with LM Arena and NanoBanana Over the weekend I was experimenting with LM Arena, and stumbled across the mysterious NanoBanana model. Some people online are speculating it might be tied to...

How to Transfer YouTube Playlists Between Google Accounts Using Collaboration When decommissioning my Google Workspace account, I needed to migrate my YouTube playlists to a new personal Google ac...

Learning OIDC with Terraform Cloud and Azure: A Journey of Integration, Errors, and Resolution Today I embarked on a deep dive into setting up OIDC (OpenID Connect) between Terraform Cloud and Azu...

Welcome to Badclick.org! This is my personal space for sharing insights on cybersecurity, cloud security, automation, and helping non-profits protect their digital assets. Stay tuned for practica...