Using sudo for local privilege escalation - Patch your systems!

I recently came across CVE-2025-32463 and it re-emphasized to me the importance of making sure systems are being properly patched. This is a relatively easy exploit where the linux `sudo` utility is used to perform a local privilege escalation attack and gain root access to a vulnerable system. In this post, I'll show how I recreated the POC exploit on multiple flavors of linux as well as what to be on the lookout for if you are in charge of ensuring systems are patched.

2025, Jul 15   —  12 minute read

Post-Mortem: GCP/Cloudflare Outage and the Importance of Humility

On Thursday, June 12th, 2025, many online services experienced outages due to a cloud service provider issue. This outage impacted many services we use every day such as Spotify, Twitch, Discord, and even Nintendo. After an outage like this, it's important to learn as much as we can from the incidents, and one way I do that is by reading the post-mortems that companies publish. Cloudflare's stood out to me, and in this post I'm going to talk about how their humility impacted not only their response, but the major lessons I learned from this incident.

2025, Jun 16   —  12 minute read

Bring Your Own Model with GitHub Copilot

GitHub Copilot is a very helpful tool for developers, and one that I use all the time in my daily operations. One thing clients ask me a lot is about the different models that are available with Copilot, and they've wondered in the past if, instead of using the ones provided by GitHub, they could bring their own. In this post, I'll walk through how you can bring your own model to GitHub Copilot, and some of the things you should be aware of when doing so.

2025, May 04   —  2 minute read

RoastGPT - An AI-Powered Fantasy Football Weekly Recap Generator

I'm in a couple of Fantasy Football leagues, and one of my favorite parts of Fantasy Football is the trash talk. I wanted to build an AI that could roast my friends' teams for me. So I built did what any good developer would do - I wrote a script which uses an Azure OpenAI service to generate a recap of the week's matchups, complete with roasting each team.

2024, Oct 24   —  13 minute read

Lessons learned from GitHub Actions breaking change in ubuntu-latest runner image

GitHub pushed an update to the ubuntu-latest runner tag which updated it to use the ubuntu-24.04 image (as opposed to using the ubuntu-22.04 image). This caused breaking changes in, among other things, installing Python modules using PIP. This post was originally written to document the issue and how we resolved it, but GitHub has since rolled back the change to the ubuntu-latest runner tag. The post now serves as a lesson learned on why you should always install your own dependencies in GitHub Actions workflows.

2024, Sep 14   —  7 minute read

Xebia Innovation Day - Creating a GitHub Copilot VSCode Chat Extension

Today was Innovation Day at Xebia, and for my team's project we decided to try creating a VSCode Chat extension for GitHub Copilot. The extension would allow you to utilize Copilot's AI capabilities to help write SQL queries without having to directly tell Copilot about the database schema - something that Copilot currently struggles with. We learned a lot of interesting things through this project, and I'm excited to share them with you!

2024, Sep 14   —  21 minute read

GitHub Copilot Custom User Instructions

Have you ever wanted to be able to pre-define a set of instructions for GitHub Copilot to follow? In this post, we will explore how to set up custom user instructions for GitHub Copilot to enhance your coding experience.

2024, Aug 15   —  9 minute read

Creating a Kubernetes Operator Using C#

The Kubernetes Operator pattern allows for deployment and management of complex and dynamic Kubernetes workloads. It consists of a Kubernetes workload which monitors for Custom Resource Definition objects and maintains a desired state based off of parameters passed into those objects. In this post, we'll take a look at the anatomy of an operator and how to create one using the KubeOps DotNet library.

2023, Oct 10   —  16 minute read