New topics for many: Offensive Security Operations Center, Attack Surface Management and Always-On penetration testing! What are these concepts? How can attackers leverage opportunities to show risk continuously instead of on a snapshot basis? Learn more in my webcast on the topic:
I am very proud! Last week, Magnus Holst and me established a new company, River Security. Check out our mission and services here: https://riversecurity.eu
I just did a webcast on this topic. It has slides and examples on how to utilize Docker for security related work. I hope you enjoy!
Fuzzing and figuring out where vulnerabilities might be is an essential skill for anyone looking to discover vulnerabilities.
Cryptography is not always deployed in a secure manner. When user controlled input is provided to a server and the server encrypts the data, outputting the results back to the user, it might be used as an oracle to learn which plain-text provide which encrypted data. This weakness is often present in Electronic Code Book […]
I created a Youtube video to prove how to create reserved file names using the \\.\ prefix in the command line. Also I show how to append ADS to facilitate hiding and other interesting stuff.
Yesterday I did a SANS @Mic talk where I presented on common security misconceptions. The talk discovers many pits and fallacies we make while consulting ourselves and others within information security. I hope it’s interesting! You can find it here:
A series on the books on my bookshelf has been completed. You can find all the videos here: https://www.youtube.com/playlist?list=PLag7W-lJE2Aw4m1754iJd3tQlgnr4eAeQ
I’ve got 27 videos on how to work with web hacking, working through the popular wargame OverTheWire.org, specifically the game called Natas. Check out my videos here: https://www.youtube.com/playlist?list=PLag7W-lJE2Aw8hzezQl17ZlE6CfNS3nYu
I noticed a great new alert today on my GMail account. Previously I’ve received emails from David Cohen on his business email, however he suddenly sent me an email from his private email address. This sparked Gmail to give me an alert, saying that this individual might be pretending to be someone they’re not. Pretty […]