Month: February 2013

Decoding F5 Cookie

As a penetration tester, you come across many different things while performing a test. The one I will discuss in this post is the cookies returned by the F5 BIG-IP server. These cookies are used for load balancing and, if not properly protected, will reveal IP addresses and ports of internal …


Professionally Evil Perspective Podcast released

We just wanted to put together this quick post to let everyone know that the Professionally Evil Perspective podcast is now online at iTunes! You can subscribe at https://itunes.apple.com/us/podcast/professionally-evil-perspective/id607209968?mt=2. We look forward to hearing your feedback and suggestions for future episodes!

Introduction to MobiSec video

We just wanted to post a quick update to let you know about a new video.  Kevin (working with James) recorded a “quick” introduction to OWASP MobiSec.  This video just discusses what MobiSec is and how it works.  It also talks about some of the tools available on MobiSec.

Active Defenses?

Active defense, often mistakenly called hacking back, is a common topic thrown around the security space lately. And I think there are a number of reasons for this. Current security technologies are beginning to show significant strain. It seems almost daily there is a breach of another large company or government institution. Many of these companies …


Grab a CORS Light

Many of you already know that any cross-site HTTP requests invoked from scripts running within a browser are restricted by the Same-Origin Policy. Basically, this means that scripted HTTP requests, such as those made with XMLHttpRequest, are only allowed to go to the same domain that the page was loaded from, and not to any other domains. …
