Bill Sempf

May 11, 2018

Telling Developers About Vulnerabilities Isn't Enough

To many security firms, a web application vulnerability assessment is a list of confirmed exploitabl...

May 03, 2018

Base64 is not encryption

I posted a silly tweet after finding a vulnerability in an Android app the other day. It grew...

Apr 15, 2018

Application Security Weekly for April 15

The Verizon Data Breach Investigations Report is out. It's a good read. https://www.verizonenterpris...

Apr 09, 2018

Some neat events I'll be participating in this spring

There are some neat developer and security events this spring that I'll be speaking at or otherwise...

Apr 04, 2018

Proxy Fiddler Through Burp

I am testing an application that only works on Internet Explorer in compatibility mode. Before...

Mar 18, 2018

A new blog series: Application Security Weekly

No, I haven't given up on my OTHER blog series about application vulnerability assessment but an opp...

Jan 08, 2018

Live Webinar: Come talk Application Vulnerability Analysis with me and WintellectNOW

I'll be doing a live webinar on Application Vulnerability Analysis on February 8 at 2PM EST - 1 mont...

Dec 06, 2017

Day 6 of C# Advent - Coding for an encrypted service

Welcome to the 6th day of the C# Advent! Let's encrypt some malware. That sounds horrible, but in se...

Nov 26, 2017

Reconnaissance

Reconnaissance means something different for pentesters as it does from vulnerability analysts. ...

Oct 04, 2017

Information Organization in Vulnerability Analysis

All of this fancy organization and lists are just tools for the goal - making a list of everything t...

Sep 18, 2017

On Application Vulnerability Analysis

We live in a world where applications run the technology that we all use. There was, once, a t...

Jun 28, 2017

ABC interviewed me about being on the good guys team

Bryant Maddrik at ABC6 interviewed me and Todd Whittaker at Franklin about the plight of the good gu...

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

2025
- September (1)
- August (2)
- May (1)
- April (1)
- March (2)
- February (1)
2024
- November (1)
- April (1)
- March (2)
- February (2)
2022
- June (1)
- April (1)
- March (1)
- February (1)
2021
- April (3)
- March (3)
- February (3)
- January (4)
2020
- December (5)
- November (5)
- October (3)
- September (4)
- August (5)
- July (4)
- June (5)
- May (6)
- April (3)
- March (5)
- February (4)
- January (5)
2019
- December (5)
- November (4)
- October (4)
- September (3)
- August (5)
- July (4)
- June (4)
- May (2)
- April (4)
- March (6)
- February (3)
- January (3)
2018
- December (5)
- November (4)
- October (3)
- September (3)
- August (4)
- July (6)
- June (5)
- May (8)
- April (7)
- March (2)
- January (1)
2017
- December (1)
- November (2)
- October (1)
- September (2)
- June (2)
2016
- January (1)
2015
- December (6)
- September (2)
- August (1)
- July (1)
- March (1)
- January (1)
2014
- October (1)
- September (3)
- August (2)
- July (1)
- March (2)
- January (3)
2013
- December (2)
- November (1)
- October (2)
- May (1)
- April (1)
- March (2)
- January (1)
2012
- December (1)
- August (1)
- July (6)
- June (1)
- May (2)
- April (1)
- March (3)
- February (2)
- January (1)
2011
- December (1)
- November (1)
- October (4)
- September (2)
- August (1)
- June (1)
- May (1)
- April (2)
- March (1)
- February (1)
- January (3)
2010
- November (1)
- October (2)
- September (6)
- August (8)
- June (5)
- May (1)
- April (4)
- March (4)
- February (5)
- January (4)
2009
- December (2)
- November (3)
- October (4)
- September (4)
- August (2)
- July (3)
- June (6)
- May (2)
- March (1)
- February (4)
2008
- November (2)
- October (1)
- August (1)
- July (1)
- June (2)
- May (2)
- April (2)
- February (2)
- January (1)
2007
- September (1)
- July (6)
- June (4)
2006
- November (3)
- October (1)
- June (2)
- May (2)
- April (2)
- March (1)
2005
- September (1)
- August (2)

Mastodon