Bill Sempf

Apr 08, 2018

Application Security Weekly for April 8

(Yes, last week was indeed an April Fools' joke) (This week isn't.) Domain names are a blessi...

Apr 04, 2018

Proxy Fiddler Through Burp

I am testing an application that only works on Internet Explorer in compatibility mode. Before...

Apr 01, 2018

Application Security Weekly for April 1

Chinese cell phone manufacturer OnePlus (incidentally my daily carry) plans on including cryptocurre...

Mar 25, 2018

Application Security Weekly for March 25

HSTS tracking beats even incognito mode in browsers, and it more and more often used by advertisers....

Mar 18, 2018

A new blog series: Application Security Weekly

No, I haven't given up on my OTHER blog series about application vulnerability assessment but an opp...

Jan 08, 2018

Live Webinar: Come talk Application Vulnerability Analysis with me and WintellectNOW

I'll be doing a live webinar on Application Vulnerability Analysis on February 8 at 2PM EST - 1 mont...

Dec 06, 2017

Day 6 of C# Advent - Coding for an encrypted service

Welcome to the 6th day of the C# Advent! Let's encrypt some malware. That sounds horrible, but in se...

Nov 26, 2017

Reconnaissance

Reconnaissance means something different for pentesters as it does from vulnerability analysts. ...

Nov 03, 2017

Funny artifacts of security testing

Being a vulnerability analyst has a few humorous artifacts. This takes a few different forms, but in...

Oct 04, 2017

Information Organization in Vulnerability Analysis

All of this fancy organization and lists are just tools for the goal - making a list of everything t...

Sep 27, 2017

Application Security is a Solved Problem

The vulnerabilities you hear about aren’t really the problem much of the time. I don’t w...

Sep 18, 2017

On Application Vulnerability Analysis

We live in a world where applications run the technology that we all use. There was, once, a t...

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

2025
- March (1)
- February (1)
2024
- November (1)
- April (1)
- March (2)
- February (2)
2022
- June (1)
- April (1)
- March (1)
- February (1)
2021
- April (3)
- March (3)
- February (3)
- January (4)
2020
- December (5)
- November (5)
- October (3)
- September (4)
- August (5)
- July (4)
- June (5)
- May (6)
- April (3)
- March (5)
- February (4)
- January (5)
2019
- December (5)
- November (4)
- October (4)
- September (3)
- August (5)
- July (4)
- June (4)
- May (2)
- April (4)
- March (6)
- February (3)
- January (3)
2018
- December (5)
- November (4)
- October (3)
- September (3)
- August (4)
- July (6)
- June (5)
- May (8)
- April (7)
- March (2)
- January (1)
2017
- December (1)
- November (2)
- October (1)
- September (2)
- June (2)
2016
- January (1)
2015
- December (6)
- September (2)
- August (1)
- July (1)
- March (1)
- January (1)
2014
- October (1)
- September (3)
- August (2)
- July (1)
- March (2)
- January (3)
2013
- December (2)
- November (1)
- October (2)
- May (1)
- April (1)
- March (2)
- January (1)
2012
- December (1)
- August (1)
- July (6)
- June (1)
- May (2)
- April (1)
- March (3)
- February (2)
- January (1)
2011
- December (1)
- November (1)
- October (4)
- September (2)
- August (1)
- June (1)
- May (1)
- April (2)
- March (1)
- February (1)
- January (3)
2010
- November (1)
- October (2)
- September (6)
- August (8)
- June (5)
- May (1)
- April (4)
- March (4)
- February (5)
- January (4)
2009
- December (2)
- November (3)
- October (4)
- September (4)
- August (2)
- July (3)
- June (6)
- May (2)
- March (1)
- February (4)
2008
- November (2)
- October (1)
- August (1)
- July (1)
- June (2)
- May (2)
- April (2)
- February (2)
- January (1)
2007
- September (1)
- July (6)
- June (4)
2006
- November (3)
- October (1)
- June (2)
- May (2)
- April (2)
- March (1)
2005
- September (1)
- August (2)

Mastodon