The Evolution of nebriv.com
From Dreamhost shared hosting to whatever this is now.
nebriv.com · freethehuman.com · pvgamers.com · cnisclub.org · nsca.us · malwareblog.nebriv.com · terry.nebriv.com · ecommerce.nebriv.com
Shared hosting, the kind where you FTP into /home/nebriv/ and hope nobody else on the box is hogging the CPU. I went through at least three design iterations (v3, v4, v5) and honestly they're all still sitting in a backup archive from February 2012. Static HTML, inline CSS, the whole deal.
pvgamersforum on mysql.nebriv.com. The 2012 backup still has the entire phpBB install.
extracted_2_29_2012/ ├── nebriv.com/ ├── freethehuman.com/ ├── pvgamers.com/ ├── malwareblog.nebriv.com/ └── ecommerce.nebriv.com/
/VarietyShow2010/: photo distribution for a school variety show/rsvp/: graduation party RSVP page/ecommerce.nebriv.com/: JavaScript class project ("feel free to break it")/weather/: weather page/dahna.com/: hosted site/chatadmin/: chat admin tool/college/: college coursework
/quote/, a community quote board called "Overheard At Four Rivers" where you could submit overheard quotes, vote up/down, flag for moderation. Full admin panel with approval queue and IP banning. Database frcsquotedb on mysql.nebriv.com; data lost, never migrated.
All three design iterations still render if you open them in a browser. Eventually Dreamhost just wasn't cutting it anymore and I bit the bullet on a VPS.
"Well I guess here it goes. Switching from shared hosting over to a VPS… After giving Dreamhost a good run for about 4 years I decided it was time to actually make the switch."- Moving Up: Switching to a VPS, 2013
"As a side project and in the spirit of 'learning by doing', I have been working on a Capture The Flag engine."- CTF Engine, 2013
Five bucks a month for a DigitalOcean droplet. Ubuntu 12.04, Nginx, WordPress for the blog. I documented the whole migration in blog posts, including the email server setup that I wasted a week on before realizing my ISP was blocking port 25. That server, in various forms, would end up running for the next decade.
nebriv.com:3030. Raspberry Pi temperature sensors feeding data into Dashing widgets. DS18B20 probes via /sys/bus/w1/devices/, Highcharts for visualization.
melolla.com was the honey domain, presenting itself as "ModernRealty.com Internal Computer." 14 months of captured sessions, 26 MB of malware in the dl/ directory. MySQL logging, fake filesystem. Cowrie replaced it later and ran on the same box for years.
frontoffice/Summ3rDays, 208 attempts on the bait credentials. Attackers from 8+ countries. Post-compromise: rm -rf /*, rm .bash_history, malware staging from hosts in Hungary, Brazil, Mexico.
hackit.cnisclub.org hosted a MediaWiki instance titled "So You Wanna be a Hacker?" for the Vulnerable Host Network, a simulated corporate network for attack practice. And nsca.us, the National Security Club Alliance, an initiative to connect security clubs across the country.
- VPS setup and migration from Dreamhost
- Running your own email server
- Capture The Flag competition engine
- PowerShell: querying print server clusters
- Outlook signature randomizer for security awareness
- Syncing Gobby with Google Drive
- Flank steak with cilantro lime sauce
onlyonewaytofindout.travel, a WordPress travel blog. The name came from the answer to every question about whether a trip was worth taking.
"We've since graduated college and are now working in the IT industry. We stayed in contact and ultimately ended up discovering that we have a shared passion of traveling… This left us needing to scratch the itch of exploring more and more of this world which often lead to the question of 'Why go there? What's there to see?' and our shared answer always ends up being 'Well... there's only one way to find out!'"- Who Are We?, 2019
| Jan 2016 | Seattle → Portland → Redwoods → SF | 8 days · $740/person |
| Feb 2019 | Solo to Mexico City | 4 days · published |
| Apr 2019 | Geneva & Switzerland | draft notes |
| Aug 2019 | The Great Amtrak Escape | 4 days · NYC → SF by train |
"Typically, the train is a means to a destination, but in my case, it is the destination."- The Great Amtrak Escape, Day One, 2019
"Lying in bed in Utah, I realized that if I put my head behind curtain to block the ambient light coming from the hallway lights you could see an incredible number of stars… and the Milky Way!"- The Great Amtrak Escape, Day Three, 2019
4 published posts. 15 drafts. 2,063 photos from the Amtrak trip alone. The blog was running on a MySQL database that I never actually exported or backed up to a file... until 2026 when it turned out the server still had it. Lucky.
Meanwhile the DigitalOcean droplet was turning into a junk drawer. One $5/month server running everything, as you do.
nebriv.com · benvirgilio.com · withani.net · rastahorn.com · freethehuman.com
| 2017 | Modoboa mail server (Postfix, SpamAssassin, Amavis) | 5 domains |
| 2018 | MediaDrop, self-hosted video platform | 1 test upload |
| 2019 | ResourceSpace, digital asset management | gaming clips |
| 2019 | fucking.works | 58 bytes |
| 2018 | FlightFinder, flight deal alerts via Kayak, SkyScanner, Amadeus | Discord webhooks |
| 2019 | VTOL VR Download Manager, mod installer for a VR flight sim | first GUI project |
MediaDrop got a single upload titled "test" and that was basically it. ResourceSpace held a few gaming clips. The mail server, somehow, outlasted everything else on the box.
The travel blog went quiet. nebriv.com became a single-page landing card, an HTML5UP "Aerial" template with an airplane wing photo and four icons. InfoSec Engineer · Aviation Enthusiast · Foodie. That was the whole site for years. The server kept running though.
30 GB disk image (nebriv.com.dd) ├── /var/www/ web roots (5 domains) ├── /var/lib/mysql/ databases (still live) ├── /home/cowrie/ 5.7 GB honeypot logs ├── /etc/postfix/ mail for 5 domains └── /etc/nginx/ reverse proxy configs
The Cowrie honeypot (successor to that first Kippo instance from 2013) was still going, 5.7 GB of SSH intrusion attempts and counting. The home lab kept growing too: Proxmox, k3s, four VLANs, TrueNAS, OPNSense... probably more services than any one person needs.
| 2020 | Snapchat Map Scraper, OSINT tool for Snap Map stories | SQLite + geolocation |
| 2020 | Skribbl.io Grabber, automated drawing game bot | 168 MB database · Selenium |
| 2021 | VaxSignUp, COVID vaccine appointment automation | NYC Vax4NYC |
| 2021 | Facebook Photo Metadata Restore, EXIF from data exports | Python utility |
| 2022 | wazeData, Waze traffic data scraper | 37 GB database |
| 2022 | PTZ Camera Tracker, auto-tracking via OpenCV + VISCA-over-IP | PID control |
| 2022 | VISCA-IP-Controller, published pip package for PTZ cameras | PyPI: visca-over-ip |
| 2023 | Vornado Fan Decoder, IoT protocol reverse-engineering | 23 MB binary capture |
| 2024 | ZOLEO satellite messenger, BLE protocol reverse-engineering | APK decompile + Python CLI |
| 2024 | BasementWatchdog, Azure Notification Hub security research | APK decompile + report |
| 2024 | HikeSafe, hiking safety app with satellite tracking | OwnTracks + Zoleo + Garmin |
| 2023 | ChatRPG, AI-powered text RPG with NPC conversations | Flask + spaCy + OpenAI |
| 2025 | Crittable, tabletop incident response platform | AI-driven exercises |
200+ project directories recovered. Nothing published.
Last thing on the old server: heyari.tv, a VTuber showcase page I was hosting for a friend. Cyberpunk aesthetic, Orbitron font, "DEBUT FALL 2025." Still sitting on the same box that had been running since 2013.
Five years of building stuff and not writing about any of it. Logs accumulating, services running, 200+ project directories... and nothing published.
So I finally pulled everything together. Old blog posts, travel writing, project notes, all recovered from SQL dumps, disk images, and a decade-old backup archive and put into a single registry. nebriv.com and benvirgilio.com, same data, two views.
- 3 Dreamhost backup archives (6.2 GB, 2008–2012)
- 25 MB DigitalOcean SQL dump (2013 blog posts)
- 30 GB raw disk image mounted via WSL2
- 29 MB live MySQL dump recovered in 2026
- 19 travel blog posts extracted from WordPress database
- 7 posts from blog.benvirgilio.com restored
- 100+ freethehuman.com essays recovered from WordPress database
- 5-domain mail server configuration preserved in Modoboa dump
- Travel blog WordPress restored via Docker (Nisarg theme, full posts)
- pvgamers.com phpBB forum found intact in 2012 backup
- cnisclub.org custom CMS recovered: admin panel, meetings, IRC, two site versions
- benvirgilio.com "Overheard At Four Rivers" quote app recovered
- Kippo honeypot: 1,244 login attempts, 2,024 commands, attack visualizations recovered from Kippo-Graph database
- CNIS Club database recovered: 7 news posts, 5 meetings, user records (Ben's original writing from 2012)
- C4CTF competition data: questions, scores, sessions from September 2013
- hackit.cnisclub.org MediaWiki ("So You Wanna be a Hacker?") and VHN wiki documented
- nsca.us (National Security Club Alliance) initiative documented from database
- benvirgilio.com portfolio with IRC Security Bot, VHN, Portable Firewall projects
- kippo.nebriv.com web dashboard with geolocation maps and attack graphs recovered
- 214 project directories surveyed and catalogued
- 2,063 Amtrak trip photos in Google Takeout
The registry keeps growing. Trail pages track hikes. The /now page gets updated when it gets updated. We'll see where it goes.