Professionally Evil Blog
A blog by experts of penetration testing and other security assessments.

Twelve Days of ZAPmas - Day 12 - Testing a new Content-Security-Policy
What is the CSP? The Content-Security-Policy (CSP) is a widely recommended control and is ...

Twelve Days of ZAPmas - Day 9 - Automated Scanning and ATTACK mode
Automated scanning against an application is useful. It’s a faster and less labor-intensive way to ...

Twelve Days of ZAPmas - Day 7 - API Testing with Postman and ZAP
If you’ve done any significant amount of API development, there’s a good chance you’ve used ...

Twelve Days of ZAPMAS - Day 6 - Passive Flaw Detection and Using the HUD
One of the awesome things about a security-focused interception proxy like ZAP is its ability to ...

Twelve Days of ZAPmas - Day 5 - Scope and Contexts
Normally I don’t like having my interception proxy hide out-of-scope traffic. Doing so creates a ...

Twelve Days of ZAPmas - Day 4 - Fuzzing for Injection
I briefly introduced fuzzing earlier in the series, citing it as the second primitive upon which ...

Twelve Days of ZAPmas - Day 3 - CYA (Cover Your Auth)
Access control is one of the crucial elements to application security. The vast majority of ...

Twelve Days of ZAPmas - Day 2 - The Edge of Tomorrow - Replaying and Tampering with Requests
Fuzzing and tampering are like ...

Twelve Days of ZAPmas - Day 1 - Setting Up ZAP
This holiday season, I’m going to run down some of the ins and outs of working with OWASP Zed ...

Coming Soon - Twelve Days of ZAPmas
In December of 2018, I published a twelve-day series of cross-site scripting tips, tricks, and ...
JuiceShop Workshop in less than 5 minutes
Tags: Training, application security, OWASP, AWS, IaC, JuiceShop, Containers, AWS_ECS, workshops, Vagrant, AWS-CDK
Have you ever deployed 10-30 containers in AWS with the single stroke of a key? (well if you don’t ...