Docker for Mac with insecure private registry

Sometimes you need an own Docker registry for testing purpose. Here a simple way to setup and use a private insecure registry. For production – don’t do that!


Create insecure repository

SSH into your dedicated server…

Configure Docker for Mac

Start Docker for Mac and open “Preferences” – “Daemon”. Here just insert the IP plus specific port. When you are done press “Apply and Restart” button.

Docker for Mac Insecure registry

Build new image, tag and push

Create a new Dockerfile.

Now build the image, tag the image and push to your private registry.

Use insecure registry


You can see the images stored on your registry. Therefor SSH into your dedicated server again.

Simple Vault introduction

Today a tiny introduction to Vault from HashiCorp. I will just show the simplest usage. But this will help to get a first idea of Vault and the features.



Start Vault Server

Copy Root Token value to clipboard!!!


Create new environment “vault” under “Manage Environments” and store here your URL as “base_url” and Root Token as “api_key”.

insomnia vault environment

Now we create 4 simple requests

insomnia requests

for all requests we add Header

insomnia header

For first URL (POST: Add new secret) we use “{{ base_url }}/secret/MyFirstSecret” and we add following body as JSON.

After send the key:value is stored inside Vault. You can modify the request (e.q. “{{ base_url }}/secret/MySecondSecret”) and send some more.

Our next request is to show all keys (GET: Get list of secret keys) “{{ base_url }}/secret?list=true”. The Preview will show similar output.

insomnia get vault keys

3rd request is to get the value from a specific key (GET: Get value of specific secret) “{{ base_url }}/secret/MySecret”.

insomnia get vault value

Last request is for delete (DEL: Delete specific secret) “{{ base_url }}/secret/MySecret”.

Tipp: if you lost the root token (Vault server is running) you can find the value!

Shell linter evaluation and usage

Tomorrow, the 1st of August is a national holiday in Switzerland … So I do one day off and have some time. For a long time I wanted to deal with Shell lint. After some research, i found a few open-source tools. By the way … linters are being written for many programming languages and document formats.


For evaluation i will not install the tools on my local system,… so Vagrant (with CentOS 7) is my choice.

Note: I created the Vagrant box “lupin/centos” via Packer … here my GitHub repository.

Shell option -n

Many shell’s already offer a very simple script analysis. The option -n read commands in script, but do not execute them (syntax check).

Okay … but not really what I want… (more details are welcome)

shlint and checkbashisms

I found the repository here.

Note: for both tools you should change the shebang to “#!/bin/sh”

For shlint… I don’t get it. For checkbashisms … good if will write portable Shell scripts.


I found it here on Pypi.

Nice … but not really all Standards.


Shellcheck is known! Here the online service and here the repository.

I stay with that tool. Currently there are packages for almost every known OS.


Who knows me … knows that I do not like Installer and prefer Docker use. Here’s some fun.

😉 just for fun…

Docker, Telegraf, InfluxDB and Grafana

I have already presented various tutorials on docker monitoring. This time we will use Telegraf.

Project preparation

InfluxDB preparation

Telegraf preparation

… Read more about Telegraf on documentation page …

Note: The space after /etc is just because of security settings of my provider.

… after short time …

Grafana preparation

After login (admin:admin) you can add new Data Source.

Grafana InfluxDB Telegraf DataSource

Okay … all done … you can start to create Dashboards or search for existing Dashboards for import.

Penetration testing report via Serpico

Penetration testing make fun but writing penetration testing reports is boring. When you start you will look for templates or software which supports you. Here comes Serpico into the game. Serpico is a collaboration and report generation tool. The best… it is open-source.

Usage via Docker

Now you can use Serpico in your favorite browser…

Login with created credentials (admin/test123) and create your reports. On Youtube is a good introduction. If you don’t have Microsoft Words installed, you can view your reports online.


Open Source GUI tools for macOS

Tiny list for Open Source GUI tools for macOS to increase productivity…






Package Manager







macOS ScreenShots

I know there are already a lot of tutorials for this topic, but partly incomplete or no longer up to date. That’s why I’m trying now, since software testers create very often screenshots. 😉


The first possibility is the … here you can easily select with the mouse what you want to do. ScreenShots

via Keyboard

The next possibility are shortcuts. Here you don’t need to start!

Capture the entire screen

[Shift] + [Command] + [3]

Capture via specific selection

[Shift] + [Command] + [4]

Capture window/menu

[Shift] + [Command] + [4]

here you can press [Space] to toggle

Capture the current Touch Bar

[Shift] + [Command] + [6]

For save to clipboard press [Control] on all actions.

via Terminal

Note: please see man-pages – here you find more options!

ScreenShot Settings

Install Ansible inside virtualenv on CentOS7

There are many ways to install Ansible inside virtualenv on CentOS7, I would like to show now a very simple variant. Important are actually the CentOS packages at the beginning.


it can be so easy 😉