Hunting Secrets
A rundown of the Secrets Hunter capability within Paramalyzer, used to quickly find instances of sensitive information leakage in web applications.
Using Ansible to add security headers to an Apache web server (idea), environment defined in a Vagrantfile
Application security is a big job, for sure. And it’s not just the job of the developers or the SOC. There is an incredible amount of surface to...
This post outlines the importance of building a content security policy (CSP) to secure web applications, and how to get started building one.
Secure Ideas' Quick Bites Ep 2 - HTTP security headers are important for webapp security. Here are some that will help lock down your site a little...
Post on SetUID drop-privileges binaries with leaked file descriptors, allowing for PrivEsc. Covers how to exploit & a tool to streamline exploitation.
A blog post on how to update the nmap-mac-prefixes file to improve nmap's OUI detection, with a script to help streamline the process.
Blog post explaining how to extract the OUI information from a MAC address and look up the manufacturer using public data from the IEEE.
What is the difference between Replicating Directory Changes, Replicating Changes in Filtered Set, and Replicating Directory Changes - All?
How to find open Windows network file shares and secure them with publicly available tools. Lock down your network shares!
A blog about using Secure Shell (SSH) to securely copy files using SCP.
How to set up a home surveillance system without paying for a monthly subscription.