What Do You Expect From A PenTest?
There are many reasons that a company has a penetration test performed. Maybe it is due to ...
Continue Reading
Comprehensive Testing: Red and Blue Make Purple Video
James Jardine and I held the Comprehensive Testing (Purple Teaming) webcast yesterday. In this ...
Continue Reading
Purple Teaming for Success
You know what blue teams and red teams are. Red is our attack side, or the adversaries, and Blue is ...
Continue Reading
Oversharing: Who Has Access?
What types of information do you copy to a shared folder? Who has access to the share? This can be ...
Continue Reading
Is My Application Illegal?
Mobile devices and applications are everywhere. And we have seen tons of information, guides and ...
Continue Reading
Decoding Security Jargon
If you pick up just about any security textbook it will begin by describing security using terms ...
Continue Reading
Burp Co2 Update v0.5 adds a Name Mangler module!
I’m excited to announce another addition to the Burp Co2 extension bundle in v0.5 of Burp Co2 ...
Continue Reading
Are we a Target?
2014 has started out with a bang in terms of publicly disclosed compromised systems. We entered the ...
Continue Reading
Scary Web Services: Part 2
This post may seem timely in light of the recent Snapchat compromise. Although Snapchat’s breach ...
Continue Reading
Intercepting DNS
Recently during a penetration test, I discovered a Linksys WRT54G wireless router that had been ...
Continue Reading
Professionally Evil Software: Laudanum 1.0 release!
Secure Ideas is excited to announce the immediate release of Laudanum 1.0. This open source project ...
Continue Reading