https://danielkhrapko.com/Recent content on Daniel KhrapkoHugo -- gohugo.ioen-usSun, 08 Feb 2026 20:16:16 -0500https://danielkhrapko.com/posts/sideloading-apps-in-apples-ecosystem/Sun, 08 Feb 2026 20:16:16 -0500https://danielkhrapko.com/posts/sideloading-apps-in-apples-ecosystem/<h2 id="apple-tries-to-make-signing-ipa-files-complicated-to-stop-people-from-sideloading-this-post-will-demonstrate-how-to-sideload-in-a-simple-step-by-step-format">Apple tries to make signing IPA files complicated to stop people from sideloading. This post will demonstrate how to sideload in a simple step-by-step format.</h2> <p><img src="cover.jpg" alt=""></p>https://danielkhrapko.com/posts/my-first-blog-post/Sat, 31 Jan 2026 02:29:13 -0500https://danielkhrapko.com/posts/my-first-blog-post/<p>Hello there! This is my first blog post on my site. To be honest, I&rsquo;m not too sure what I should write about for my first post, but that&rsquo;s the whole reason I wanted to start a blog: to get better at writing and documenting!</p> <p><img src="Marktwainquote.jpg" alt="Mark Twain Quote: I notice that you use plain, simple language, short words and brief sentences. That is the way to write English - it is the modern way and the best way. Stick to it; don&rsquo;t let fluff and flowers and verbosity creep in."></p>https://danielkhrapko.com/certifications/Mon, 01 Jan 0001 00:00:00 +0000https://danielkhrapko.com/certifications/Verified certifications (IT + Design).https://danielkhrapko.com/contact/Mon, 01 Jan 0001 00:00:00 +0000https://danielkhrapko.com/contact/Contact Pagehttps://danielkhrapko.com/security/Mon, 01 Jan 0001 00:00:00 +0000https://danielkhrapko.com/security/<p>If you believe you’ve found a security vulnerability affecting <strong>danielkhrapko.com</strong>, please report it responsibly.</p> <h2 id="how-to-report">How to report</h2> <ul> <li>Email: <strong><a href="mailto:daniel@danielkhrapko.com">daniel@danielkhrapko.com</a></strong></li> <li>You may encrypt your message using my PGP key: <strong><a href="https://danielkhrapko.com/pgp-key.txt">https://danielkhrapko.com/pgp-key.txt</a></strong></li> <li>Please include: <ul> <li>A clear description of the issue</li> <li>Steps to reproduce / proof of concept</li> <li>Any relevant URLs, screenshots, or logs</li> </ul> </li> </ul> <h2 id="scope-in-scope">Scope (in-scope)</h2> <p>This policy covers vulnerabilities that could impact:</p> <ul> <li>danielkhrapko.com and subdomains I control</li> <li>My deployments, DNS, CDN/WAF configuration, and CI/CD pipelines</li> <li>Misconfigurations or integration issues involving third-party services <strong>as they apply to my setup</strong> (e.g., Cloudflare/DNS issues, GitHub Pages/Actions misconfig, webhook leakage, token exposure)</li> </ul> <h2 id="out-of-scope">Out of scope</h2> <ul> <li>Vulnerabilities in third-party providers that are not specific to my account/configuration or do not impact my domain</li> <li>Attacks that require targeting third-party infrastructure directly (e.g., attacking Cloudflare/GitHub/etc systems)</li> <li>Social engineering, physical attacks, or denial-of-service (DoS) testing</li> </ul> <h2 id="what-to-expect">What to expect</h2> <ul> <li>I’ll try to acknowledge your report within <strong>7 days</strong></li> <li>If it’s a valid issue, I’ll work on a fix as time allows</li> </ul> <h2 id="safe-harbor">Safe harbor</h2> <p>I won’t pursue legal action against you for good-faith security research that:</p>