Search Results for: aws

Security Misconfigurations

The configuration of web and application servers is a very important aspect of web applications. Oftentimes, failure to manage configurations properly can lead to a wide variety of security vulnerabilities within servers and environments. When these configurations are ignored or not properly addressed, the overall security posture can suffer. Sometimes the biggest problem that …

Fuzz Testing

If you have a brand new piece of software, a program, a network, or an operating system, you will want to test it for any bugs, coding errors or other potential issues before it goes live. Fuzzing is a great way to do so. It’s also a good method to perform quality checks of your …

Twelve Days of XSSmas

This series of daily mini-posts, running from December 12, 2018 to December 24, 2018, is intended to provide cross-site scripting (XSS) related tips. These will range from filter-evasion and payload-minification tricks, to old (but still good) classic XSS tips, to scripts that make (or contribute to) interesting proof-of-concept payloads. Day 1 – Template Literals …

Network Check Ups

Most people know that taking care of your personal health is important. We get regular check ups and try to keep ourselves as healthy and free of potential risks as we can. During these check ups, a doctor will typically tell us about important health concerns and give recommendations to improve or fix any conditions …

Silencing Firefox’s Chattiness for Web App Testing

Firefox is one chatty browser! Even if you don’t actually use it for anything, it’s constantly making requests out to the internet for things like updates, checking network status, and sending telemetry data back to Mozilla. When using Firefox for web app testing, I’ve often noticed the constant stream of additional requests that get in …

The Report

Being a pen tester is a cool job: we get to break into companies (with permission), steal stuff, and then tell them how we did it. Many testers focus on the cool hack, or getting domain admin, or finding SQL injection flaws because that is the exciting part of the job. These make up the …

Current State of Security in Healthcare

Healthcare organizations are a prime target for many malicious individuals and organizations in the information age. Identity thieves, blackmailers, and even the curious public are attracted to the intense amounts of personal information a healthcare organization must collect to provide adequate levels of care. Understanding the current state of security in healthcare is paramount to …
