Hello Emacs Community!
Like everyone in this community, I’m an Emacs power user and have several niceties configured: gnus for email, Doom Emacs, and I heavily use org mode. I recently used it for an ‘Incident Playbook’, which was basically making an incident and responding to it following certain steps, more of a Digital Forensics and Incident Response (DFIR) kind of work.
So, I made a server in Ansible, made a test malware that would be run on this server (delete a log file, idk), and proceeded to do everything directly in org-mode, running every command via tramp on the server, getting any info from the disk, getting a dd and such. Finally, I made a whole document with full details on the server at that point in time, which was pretty interesting, as I could have this as a template for future incidents and have certain commands saved for this.
And I got the idea: wouldn’t it be interesting to have org mode files like these but for testing specific vulnerabilities? Even using a tool like NixOS or Guix to make commands that will get the old version x.x.x of nginx so I could test a vulnerability there, so it is also reproducible and everyone can use the org file and test this vulnerability? Basically more of a study and proof of concept rather than something more ‘heavy’ as in business related.
Does anyone have a similar use case? I would love to hear about them, as I want to go the DFIR route.
TL;DR: Not specific to an Emacs programming or library question, but much more of a broader question about a cybersecurity workflow.
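
A sketch of the kind of playbook file described in the post, as an added example that is not part of the original post: Org Babel shell blocks run on the server over TRAMP through the `:dir` header, and the results are captured in the document. The host `192.0.2.10`, the user `analyst`, the disk `/dev/vda` and the local case directory are all assumed placeholders.

```org
#+TITLE: Incident playbook (constructed template)
#+PROPERTY: header-args:sh :dir /ssh:analyst@192.0.2.10:/ :results output :exports both
# Assumptions: host, user, disk device and case directory are placeholders.
# Every sh block runs on the server over TRAMP because of the :dir header above.

* 1. Record collection time and host identity
#+begin_src sh
date -u +%Y-%m-%dT%H:%M:%SZ
hostname
uname -a
#+end_src

* 2. Volatile state first (lost on reboot)
#+begin_src sh
who -a
ps auxww
ss -tunap
#+end_src

* 3. Log directory state (the test malware deletes a log file)
#+begin_src sh
ls -la --time-style=full-iso /var/log
#+end_src

* 4. Disk image with dd, hashed as it is received
This block overrides :dir so it runs locally and the image lands on the
analyst machine instead of the evidence disk. The directory must exist.
#+begin_src sh :dir ~/cases/incident
ssh analyst@192.0.2.10 'sudo dd if=/dev/vda bs=4M status=none' \
  | tee disk.img | sha256sum > disk.img.sha256
cat disk.img.sha256
#+end_src
```

Evaluating each block with `C-c C-c` stores its output under `#+RESULTS:`, so the file doubles as the record of what was collected and when.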