Kubernetes Security – A Useful Bash One-Liner

Whether you’re an administrator, pentester, devop engineer, programmer, or some other IT person, chances are that you’ve heard of Kubernetes (k8s). If you’re a penetration tester like myself you may sometimes find yourself in odd situations involving k8s. One such situation is getting or being given super admin to a Kubernetes cluster, but you’re on …

Kubernetes Security – A Useful Bash One-Liner Read More »

Building Blocks: Professionally Evil Fundamentals Series

We at Secure Ideas love security education. What we enjoy even more is affordable security education. So we decided to start a Professionally Evil Fundamentals Video series. These are short definition videos related to information security and penetration testing. We believe that these videos are for anyone who wants to move into information security or …

Building Blocks: Professionally Evil Fundamentals Series Read More »

It’s Okay, We’re All On the SameSite

With Google’s recent announcement that all cookies without a SameSite flag will be treated as having SameSite=Lax set by default in Chrome version 80, surely Cross-Site Request Forgery will be dead? Well, not quite… In this post I’m going to demonstrate a scenario in which the SameSite default won’t actually stop a CSRF attack from …

It’s Okay, We’re All On the SameSite Read More »

Top 10 Blog Lists

We have written a lot over the past year and beyond, and we wanted to provide you with our Top 10 lists! Take a look and gain some new knowledge for the new year!! Top 10 Blogs from 2019 Better API Penetration Testing with Postman – Part 1 + Better API Penetration Testing with Postman – …

Top 10 Blog Lists Read More »

Scroll to Top