nerdymark's Software Engineering & Cybersecurity Blog

Welcome to my digital homestead — a curated collection of projects, writeups, and experiments in Python, cybersecurity, and creative coding.

Here you'll find CTF writeups covering Azure OAuth privilege escalation, AWS S3 multi-service exploitation, Kubernetes SSRF attack chains, Terraform state poisoning, Go malware reverse engineering, and supply-chain compromises on GitHub Actions runners. You'll also find side projects like the Pokemon Sleep Roster Analyzer, an RDP/VNC network scanner, a LinkedIn feed analyzer powered by Gemini, and word-puzzle solvers for Wordle and Hardle. Plus notes on building this Flask site, migrating to AWS, Bluesky cross-posting, and running a personal AI robot out of my garage.

I'm Mark LaCore — Senior Software Engineer at Apple by day, Raspberry Pi tinkerer by night. 25 years of turning caffeine into code, 20+ years of playing guitar, and a growing collection of CTF trophies. Explore the posts below, browse the CTF writeups, or drop me a line.

Merge pull request #4 from nerdymark/feature/atlas-hall-of-fame Atlas world map... 

File: backend/database.py
 def get_host_stats(db_path: str) -> dict:
         total = conn.execute("SELECT COUNT(*) FROM hosts").fetchone()[0]
         rdp_open = conn.execute("SELECT COUNT(*) FROM hosts WHERE rdp_open = 1").fetchone()[0]
         vnc_open = conn.execute("SELECT COUNT(*) FROM hosts WHERE vnc_open = 1").fetchone()[0]
+        # A "jackpot" is a host we actually got a visible login/desktop from —
+        # it has an RDP or VNC screenshot saved.
+        jackpots = conn.execute(
+            "SELECT COUNT(*) FROM hosts "
+            "WHERE COALESCE(screenshot_path, '') != '' "
+            "   OR COALESCE(vnc_screenshot_path, '') != ''"
+        ).fetchone()[0]
         subnets_scanned = conn.execute("SELECT COUNT(DISTINCT subnet_id) FROM hosts").fetchone()[0]
         total_scans = conn.execute("SELECT COUNT(*) FROM scans").fetchone()[0]
         announced = conn.execute("SELECT COUNT(*) FROM hosts WHERE announced = 1").fetchone()[0]
         return {
             "total_hosts": total,
             "rdp_open": rdp_open,
             "vnc_open": vnc_open,
+            "jackpots": jackpots,
             "subnets_scanned": subnets_scanned,
             "total_scans": total_scans,
             "announced": announced,
 def get_host_stats(db_path: str) -> dict:
         conn.close()
+def list_jackpots(db_path: str) -> list[dict]:
+    """Hosts with at least one captured RDP or VNC screenshot, newest first."""
+    conn = get_connection(db_path)
+    try:
+        rows = conn.execute(
+            "SELECT * FROM hosts "
+            "WHERE COALESCE(screenshot_path, '') != '' "
+            "   OR COALESCE(vnc_screenshot_path, '') != '' "
+            "ORDER BY last_seen_at DESC"
+        ).fetchall()
+        return [_parse_host_json(dict(r)) for r in rows]
+    finally:
+        conn.close()
+
+
 def get_unannounced_rdp_hosts(db_path: str) -> list[dict]:
     conn = get_connection(db_path)
     try:
File: backend/main.py
 async def _scan_watchdog(db_path: str) -> None:
     allow_headers=["*"],
 )
-from backend.routers import subnets, scans, hosts, geoip  # noqa: E402
+from backend.routers import subnets, scans, hosts, geoip, stats  # noqa: E402
 app.include_router(subnets.router)
 app.include_router(scans.router)
 app.include_router(hosts.router)
 app.include_router(geoip.router)
+app.include_router(stats.router)
 # --- Screenshot endpoint ---
File: backend/models.py
 class HostStats(BaseModel):
     total_hosts: int
     rdp_open: int
     vnc_open: int = 0
+    jackpots: int = 0
     subnets_scanned: int
     total_scans: int
     announced: int
Read more...