Due to the positive response I got on my previous write up, I figured I’d keep the ball rolling and do another. Thank you to everyone who shared the last post, and I hope that you find this write up just as enjoyable. Tutorial Mode Server Side Request Forgery (SSRF) is just a fun bug […]

Ignoring the fact that I’m less than consistent with my blog posts, you’d think that I’d do a bug bounty write up at some point. I recently reached the top 100 on Bugcrowd and I’ve spent some time on other self managed programs. Well, the time has finally come. I participated in an invite-only program […]

You know what I’m thankful for? Target. Where else are you going to find a 6 shelf, 80 inch bookcase for $35? Sure, it’s made of cheap wood and sways a bit if I bump into it, but hell… I gotta display my excessive collection of books somehow. If I’m going to spend a […]

My patience has finally been rewarded.  The declassified version of the highly classified election intelligence report has been released and is available to the general public.  The PDF document is short and sweet, but it gives a high level overview of the joint investigation by the NSA, CIA, and FBI into Russian activities and involvement […]

Star Wars fans, let’s be honest here.  All of us at one point or another dreamed of being Boba Fett.  Who doesn’t want a jet pack, a blaster rifle/flame thrower, and an awesome back story?  Not to mention, an inherently bad-ass job.   Even 9 year old Matt was flying his mini version of the […]

I left college with a decent amount of programming experience, mostly in Java, but never really had an opportunity to actually use it.  Sure, I had an <sarcasm>absolute blast</sarcasm> creating everything from calculators, to red-black trees, to web servers while at school, but I was never really able to apply it to something I found […]

Even if you’re not working in the cyber security field or keep up to date with infosec news, you’ve probably heard of a group called Anonymous.  If you haven’t heard the name, you’ve most likely heard about one of their many news-worthy operations such as Operation KKK, Operation Ice ISIS, or Case Donald Trump.  I […]

I recently had someone come to me and ask for advice on how to get into the cyber security field, specifically web application security. I recommended a couple good books and certifications to look at, as well as some good resources for video training materials, but I only recommended learning one tool – Burp Suite. […]

Look AppSec people, I know you just love dealing with development teams.  I know the best part of my day is logging into my computer to be greeted by 3 “we don’t think this vulnerability is an issue” emails. Believe me, I’m sure they share the same warm, fuzzy feelings about us as well. But […]

At this point, I’m sure you’ve all heard about Apple’s on-going fight with the FBI over allowing backdoors into iPhones.  In the world of cyber security, encryption, and privacy, this is the battle that will set the tone for the impending war.  I have an enormous amount of respect for Apple’s CEO, Tim Cook.  In an […]