Application Security

Grey Box Penetration Testing

A common question I get from potential clients is “what is grey box testing and why do we need it?”  I believe this often stems from the request for credentials to an application when discussing the penetration test.  The thought is that if we are testing the system like an attacker,   providing credentials is breaking …

Grey Box Penetration Testing Read More »

Installing RatProxy on Windows – Video Uploaded

A few months ago I did the original Installing RatProxy on Windows blog post that describes both how to install Cygwin (required for RatProxy) and RatProxy.  The previous post does a great job of walking through the process of the installation, but I wanted to do a video for those that prefer the visual aide …

Installing RatProxy on Windows – Video Uploaded Read More »

Ninja Developer Talk at Louisville Metro Infosec Conference

I recently attended, and spoke, at the Louisville Metro Infosec Conference (http://louisvilleinfosec.com/) in Kentucky.  The organizers did an excellent job putting this event together and I really enjoyed my time there.   My presentation was titled “Ninja Developers” and was focused on tools that developers can use to help them test for security vulnerabilities in their …

Ninja Developer Talk at Louisville Metro Infosec Conference Read More »

Scroll to Top