Three C-Words of Web App Security: Part 2 – CSRF

This is the second in a three-part series, Three C-Words of Web Application Security. I wrote a sort of prologue back in April, called A Brief Evolution of Web Apps, just to set the scene for those less versed in web application history. In July, I posted part one, which was Three C-Words of Web App Security: …

Three C-Words of Web App Security: Part 2 – CSRF Read More »

Silencing Firefox’s Chattiness for Web App Testing

Firefox is one chatty browser! Even if you don’t actually use it for anything, it’s constantly making requests out to the internet for things like updates, checking network status, and sending telemetry data back to Mozilla. When using Firefox for web app testing, I’ve often noticed the constant stream of additional requests that get in …

Silencing Firefox’s Chattiness for Web App Testing Read More »

Not Just Another Notch in Your Belt: Organizational Challenges of PCI Compliance

As an account manager in the world of security, I am constantly confronted with questions surrounding PCI compliance and the challenges organizations face with ensuring proper controls are in place, and all requirements met.  If we get down to the core of the issue, the reality is many organizations either don’t have the budget or …

Not Just Another Notch in Your Belt: Organizational Challenges of PCI Compliance Read More »

Introduction to Wireless Security with Aircrack-ng

Introduction to Wireless Security with Aircrack-ng   Today we’re going to walk through a few WiFi testing examples using Aircrack-ng, which is a suite of wireless network security tools.  It allows us to monitor and export packet data, attack access points and clients, and crack WEP and WPA keys.  I’ve included some links at the …

Introduction to Wireless Security with Aircrack-ng Read More »

Automating Red Team Homelabs: Part 1 – Kali Automation

Homelab infrastructure got you down? Well, not anymore! This is the first post of a 3-part series that will talk about how to automate your home lab, from your kali box to all your vulnerable and domain-joined test vms. It will teach you how to keep your infrastructure dynamic, idempotent, and resilient (a necessity for …

Automating Red Team Homelabs: Part 1 – Kali Automation Read More »

Scroll to Top