Web App Pre-Flight
I think that it is because of my background in software development that I am passionate about ...
Continue Reading
Security Tubthumping
I have a friend who is an alcoholic. A few weeks ago after 5 years of sobriety, she stumbled and ...
Continue Reading
Professionally Evil: Self Inflicted Injury at Vendor's Request
It’s an unfortunate and still too common a vulnerability to find administrative interfaces exposed ...
Continue Reading
SIAM: Custom Testing Machines
Secure Ideas recently made the decision to create custom machines that we could use for penetration ...
Continue Reading
We Can't Rely on the Browser for Protection
A large part of doing security consulting is providing proper mitigations and recommendations to ...
Continue Reading
Industry Issues: New Vulnerabilities and Marketing Problems
As a consultant, I spend a lot of my time working with organizations and staff to help them improve ...
Continue Reading
Comparing Authorization Levels with Burp's Compare Site Map feature
Burp Suite from Portswigger.net is a fantastic web app testing tool that we use regularly at Secure ...
Continue Reading
Burp Extension for F5 Cookie Detection
This past February, my fellow colleague James Jardine wrote an excellent blog post called “Decoding ...
Continue Reading
Defending Against Pass-the-Hash (PtH) Attacks
Pass-the-Hash (PtH) attacks have become probably the most common form of credential attacks used in ...
Continue Reading
Video: Introduction to Burp Suite
The below video is an introduction to Burp Suite. This is the first of our videos that will teach ...
Continue Reading
Kismet Log Viewer v2 Tool Released
Secure Ideas actively supports open source and giving back to the community. In that light, we’re ...
Continue Reading