New year, new updates

I finally got off my butt and decided what to do with this blog and the fifteen years of posts withi...


Vulnerabilities I am seeing in Summer 2022

Seeing a couple of vulnerabilities floating around out there that are higher risk than they used to be. They are what the attackers are going after, since the focus on AppSec from both backend and frontend libraries is preventing a lot of code injection errors (which is a good thing, don't get me wrong)...


On reporting

When you have finished your testing and collected all the evidence, it is time for the report. The report exists expressly to make it easier for the development team to fix the bugs. A lot of people don't like reporting. I am distinctly not one of those people....


On Tools

Not too long ago, I was asked to do a technical interview for a set of tests. This isn't unhea...
