Site Scan 2022-08-28
🔎

Site Scan 2022-08-28

Last Updated
Last updated September 1, 2022
Status
Public
Public
Published
Published August 28, 2022
Date
Reminder Date
URL
Tags
Work
Portfolio
Emotions
Description
Tweet
Featured
Featured
Slug
site-scan
BG Music or Vid
Company
Hours Worked On
My Interest
My Interest Number Ring
Contents
 

 

Making of Video

https://youtu.be/7-zcO1BAFC0
 
Video preview
 
Apologies, uploaded to my gaming account DadNotBot instead of GregWorks.
 

 

Git Repo with All Assets

https://github.com/gsteve3/quick-scan-2022-08-28
quick-scan-2022-08-28
GregSweatsUpdated Aug 29, 2022
 
  • I realized that the NextJS Template that publishes this website doesn’t handle uploaded assets, such as PDFs.
  • I thought Gists would work, but not so much. A Gist is still used so it can be easily loaded into the markdown.live editor.
 
 

 

Mermaid - Background

 

Live Editor URL (Play with Chart/Themes)

https://mermaid.live/edit?gist=https://gist.github.com/GregSweats/bada1bb2512a581ce71cfaad82f907a6
 
notion image
 
notion image
 

Mermaid Chart Source Code

%% graph TD flowchart TD site((PrecisionDrilling.com)) host(WP Engine) waf1(WP Engine) waf2(Cloudflare) dns(Azure DNS) ns_registrar("Network Solutions (GoDaddy)") cms(WordPress) cms_login(/wp-admin/ OPEN) site -- Hosted By --> host site -- NS Registrar --> ns_registrar site -- DNS Provider --> dns site -- Protected By WAF1 --> waf1 site -- Protected By WAF2 --> waf2 rx("Recommendations (RX) & Vulnerabilities") vuln1("XSS Injection on Site Search, unattackable - Low Risk") rx1("Nothing IRL, WAF did its job.") rx1_why("Could reduce OWASP! ZAP Alerts") vuln2(WP Login Open - High Risk) rx2("Lockdown /wp-admin/ by IP or HTTP User/Pass") rx2_why(Prevent most junk login attempts, reduce log clutter) site --> rx vuln1 -- Blocked By Cloudflare --> waf2 rx --> vuln1 vuln1 -- RX --> rx1 rx1 -- Why? --> rx1_why rx --> vuln2 vuln2 -- RX --> rx2 rx2 -- Why? --> rx2_why site --> cms cms --> cms_login cms_login --> vuln2 dns_target("CNAME m6blypcji6rh.wpeproxy.com.") dns --> dns_target dns_target --> host %% %% %% %% cloudflare %% %% %% cloudflare_why("&quot;WP Engine recommends Cloudflare when configuring DNS because...&quot; ") cloudflare_why_src("<https://wpengine.com/support/cloudflare-best-practices/>") cloudflare_why --> cloudflare_why_src waf2 --> cloudflare_why host --> waf2 %% %% %% %% Scans Done %% %% %% scans("Scans Performed") scan1(OWASP! ZAP) scan2(Burp) scan3(wpsec.com) site --> scans scans --> scan1 scans --> scan2 scans --> scan3 %% ("<https://wpsec.com/scan/?id=1eb9f5e51054e231071c4cb745ab1413>")

Gist URL to Raw Source Code

https://gist.githubusercontent.com/GregSweats/bada1bb2512a581ce71cfaad82f907a6/raw/411be26f9ca328fcd832424a697db3854ab56694/code.mmd
 
  • Gist created with vscode plugin GistPad
 
 

View Gist on GitHub

https://gist.github.com/GregSweats/bada1bb2512a581ce71cfaad82f907a6#file-pd-1-mermaid
 
 

Rendered Chart with Mermaid Live Editor

notion image
 
 
 

Contact Author

 
Greg Stevens, Dalyle DevOps Inc.
  • (403) 213-5644 (best)
  • (403) 498-6809 (mobile)
 
notion image

 

Meta

Note’s Markdown Source from Obsidian

 
 

 

PDF Export

From Obsidian (unpublished)

 

From Notion (art.stevens.pro)