Professionally Evil: Self Inflicted Injury at Vendor's Request
It’s an unfortunate and still too common a vulnerability to find administrative interfaces exposed ...
Continue Reading
SIAM: Custom Testing Machines
Secure Ideas recently made the decision to create custom machines that we could use for penetration ...
Continue Reading
We Can't Rely on the Browser for Protection
A large part of doing security consulting is providing proper mitigations and recommendations to ...
Continue Reading
Industry Issues: New Vulnerabilities and Marketing Problems
As a consultant, I spend a lot of my time working with organizations and staff to help them improve ...
Continue Reading
When the flood is going to come...
Most everyone in the U.S. is aware that it's not uncommon for the Mississippi River to flood in the ...
Continue Reading
Comparing Authorization Levels with Burp's Compare Site Map feature
Burp Suite from Portswigger.net is a fantastic web app testing tool that we use regularly at Secure ...
Continue Reading
My Crayons Didn't Upload My Pictures to the Internet
In July, my daughter, Brenna (11yo) and I presented at the SANS Denver event. She has long wanted ...
Continue Reading
Burp Extension for F5 Cookie Detection
This past February, my fellow colleague James Jardine wrote an excellent blog post called “Decoding ...
Continue Reading
Defending Against Pass-the-Hash (PtH) Attacks
Pass-the-Hash (PtH) attacks have become probably the most common form of credential attacks used in ...
Continue Reading
Video: Introduction to Burp Suite
The below video is an introduction to Burp Suite. This is the first of our videos that will teach ...
Continue Reading
Kismet Log Viewer v2 Tool Released
Secure Ideas actively supports open source and giving back to the community. In that light, we’re ...
Continue Reading