When you’re testing web applications, sometimes you want to automatically change some part (or parts) of the request, the response, or both to know how the application will react. In this post, I’ll show you how to do that automatically using Burp Suite's Match and Replace rules.
The tech sector, if you know what you're doing, is easier than most fields to get started in. However, you do have to know what you're doing. In this post, I'm going to step through a series of ways to get started, in case you're not sure.
A new health record management system is going live in Australia soon. It's called My Health Record. It will affect every Australian (and potentially temporary and permanent residents as well) as it will store some of their most intimate information — their health records! But do the risks of such a system outweigh the advantages?
There are so many things that we have to get right to create secure applications. From input validation to output escaping, secure applications take time, effort, and dedication. However, there is one thing that doesn't take much effort, but offers a quick win. Response headers!
Have you ever stopped to wonder about just how trusting you are with your online privacy, and how much information you freely give away? Have you ever thought how savvy you are in the modern era, but how naive your parents and grandparents were? I believe we could be living in a much more naive time now. Here’s why.
In light of the recent Cambridge Analytica / Facebook scandal, Mark Zuckerberg testified before the US Congress. Did you tune in to hear what he said about what they knew? Were you keen to know more about how they might be planning to protect your privacy in the future?
Do you ever wonder just how much information Google is storing and sharing about you, all so that they can give you those search results? Ever felt like you were being tracked online, all so that you could do some simple searches? Well, it's time to consider alternatives to Google, ones that give you great search results, but that don't invade your privacy.
Recently, I decided to learn the basics of the Symfony (4) framework, so that I could better understand one of my client's applications, and provide better support to it. I never expected to use such a well-rounded framework. Nor did I expect to encounter such an engaged and supportive community. Here's the story.
If you want to create a great quality podcast, then you need to have great audio. And to have great audio, you need to remove all those little things that distract your listener; those things that make your audio sound less than professional, such as breaths and lip smacking. One of the easiest ways to do that is to use a noise gate. Come learn what it is and how to use it.
I've worked in many roles in my career to date, but whenever I was in a position of management, whether as a project manager or team lead, being distracted (or interrupted) was the norm. There was always a steady stream of people inside the company coming to me with questions or seeking guidance.
One of the most common attack vectors against servers is brute-force login attempts. This is where attackers attempt to access your server by trying endless combinations of usernames and passwords. So how do you defend yourself against this kind of attack?
Recently, I've moved into security at ownCloud. As part of the new role, I've had to invest lots of time learning about web application security attack vectors and about applications and tools for testing security.