Installing RatProxy on Windows - Video Uploaded
A few months ago I did the original Installing RatProxy on Windows blog post that describes both how to install Cygwin (required for RatProxy) and...
Professionally Evil Insights
Search for keywords or individual blog posts
Posts
Grey Box Penetration Testing
A common question I get from potential clients is “what is grey box testing and why do we need it?” I believe this often stems from the request for...
SH5ARK: Taking a Byte out of HTML5
The new features in HTML5 have opened a whole new world of opportunities for developers and for attackers. Secure Ideas recognized this and with...
How To: Encrypting Mac Mail
As a security consultant, frequently traveling, it is critical to implement security controls to protect sensitive data on my computer. One of the...
Ninja Developer Talk at Louisville Metro Infosec Conference
I recently attended, and spoke, at the Louisville Metro Infosec Conference (http://louisvilleinfosec.com/) in Kentucky. The organizers did an...
DerbyCon Wrap Up
Its a wrap! DerbyCon has ended for the Secure Ideas crew and we are all headed home. While a few team members are flying out, the rest of us are...
DerbyCon Bound
So the Secure Ideas staff is pretty excited to be headed to DerbyCon even though Jason is the only one smart enough to fly there. (James, Kevin, Tony...
Testing
ViewState XSS: What's the Deal?
As penetration testers, there are many different technologies that we have to be familiar with. The more we know and understand about a given...
Testing
Testing ASP.Net WebForms: Request Method Validation
As a professional penetration tester, there are many features of an application that are similar across all languages. Unfortunately, just...
security
SamuraiWTF 2.0? What happened to 1.0?
So the SamuraiWTF project have released the first few release candidates for the formal 2.0 release. Since the previously available version was...
incident response
Security Onion @ UTOSC 2012
Shortly before joining Secure Ideas, I spoke on Security Onion and Network Security Monitoring (NSM) at the Utah Open Source Conference 2012. The...
developers
How to Setup RatProxy on Windows
In an effort to help developers and other windows users get started adding security testing into their process, this post will describe the process...