Archive for February 26, 2013


Decoding F5 Cookie

February 26, 2013

As a Penetration Tester, there are many different things you come across while performing a test.   The one in which I will discuss in this post is the cookies returned […]


Professionally Evil Perspective Podcast released

February 26, 2013

We just wanted to put together this quick post to let everyone know that the Professionally Evil Perspective podcast is now online at iTunes! You can subscribe at We look […]


Introduction to MobiSec video

February 22, 2013

We just wanted to post a quick update to let you know about a new video.  Kevin (working with James) recorded a “quick” introduction to OWASP MobiSec.  This video just […]


Reading the Mandiant APT1 Report

February 20, 2013

Like a lot of folks, I downloaded and read through the Mandiant APT1 report as soon as I could.  It’s an excellent resource and I highly recommend reading it if […]


Active Defenses?

February 19, 2013

Active defense, often mistakenly called hacking back, is a common topic thrown around the security space lately.  And I think there are a number of reasons for this. Current security […]


Where in the RSA is Kevin?

February 8, 2013

So RSA 2013 in San Francisco is coming up and I will be there for two different parts of the event. First, on the 24th and 25th of February, I […]


Grab a CORS Light

February 7, 2013

Many of you already know that any cross-site HTTP requests invoked from scripts running within a browser are restricted by the Same-Origin-Policy.  Basically this means that any cross-site HTTP requests, […]