Good intro to fingerprinting web servers. This has been codified in the past but the tools are...
Read More
I posted a silly tweet after finding a vulnerability in an Android app the other day. It grew...
Read More
My favorite thing this week, how HTTPS works, via a cartoon of cats.
https://howhttps.works/
...
Read More
More news than usual today.
There is a new WebLogic RCE. I'll be adding it to Nikto this week...
Read More
The Verizon Data Breach Investigations Report is out. It's a good read.
https://www.verizonenterpris...
Read More
There are some neat developer and security events this spring that I'll be speaking at or otherwise...
Read More
(Yes, last week was indeed an April Fools' joke)
(This week isn't.)
Domain names are a blessi...
Read More
I am testing an application that only works on Internet Explorer in compatibility mode. Before...
Read More
Chinese cell phone manufacturer OnePlus (incidentally my daily carry) plans on including cryptocurre...
Read More
HSTS tracking beats even incognito mode in browsers, and it more and more often used by advertisers....
Read More
No, I haven't given up on my OTHER blog series about application vulnerability assessment but an opp...
Read More
I'll be doing a live webinar on Application Vulnerability Analysis on February 8 at 2PM EST - 1 mont...
Read More