Application Security This Week for March 31

No April Fools here.

 

Solid primer on using burp Collaborator for blind command injection.  One of the real benefits of Burp over ZAP.

https://threat.tevora.com/stop-collaborate-and-listen/

 

Bruce weighs in on a study where freelance devs were checked for their secure coding.  It didn't go well.

https://www.schneier.com/blog/archives/2019/03/programmers_who.html

 

A new tool for testing on Windows.  Now, I don't use Windows for EVERYTHING but it is nice for a lot of things.  I'll be checking this out.

https://securityaffairs.co/wordpress/83065/hacking/commando-vm-windows.html

 

And that's the news!

Add comment

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList