Page 16: Browse more insights and updates from our blog archives. This page continues our expert content on security, research, and analysis.At Brucon 2012 I had the privilege to present and demo VSA, the Virtual Scripted Attacker, a tool I had been working on with a great team of very talented people for a number …
Page 16: Browse more insights and updates from our blog archives. This page continues our expert content on security, research, and analysis.UPDATE: April 2nd – Added new pinning article thanks @an_animal! UPDATE: Feb 14th – Added (draft, initial) forensics section, Added pinning links, thanks @an_animal for most pinning resources! Android Security is like IPv6: It …
Page 16: Browse more insights and updates from our blog archives. This page continues our expert content on security, research, and analysis.An interesting tool for Java source code analysis is OWASP LAPSE Plus. You can see the instructions to set it up on the project’s page or Click to explore. OWASP LAPSE Plus requires Eclipse …
Page 16: Browse more insights and updates from our blog archives. This page continues our expert content on security, research, and analysis.Here are a few links if you want to download the materials from the OWASP OWTF BruCon 2012 workshop that happened last week in Ghent, Belgium: – The slides are now online in slideshare …
Page 16: Browse more insights and updates from our blog archives. This page continues our expert content on security, research, and analysis.IMPORTANT: If you are attending the “Introducing OWTF” BruCon workshop on Wednesday please download the latest OWASP OWTF and latest DEMO Report. Thank you! Another round of GIT hell has taught me a couple …
Page 16: Browse more insights and updates from our blog archives. This page continues our expert content on security, research, and analysis.Background A recent data breach on the LinkedIn database leaked around 6.5 million salted hashes. This ignited a healthy debate in the security community: – Some people said you should only use bcrypt and that …
Page 16: Browse more insights and updates from our blog archives. This page continues our expert content on security, research, and analysis.UPDATE: I will update this blog post with links to the video when available NOTE: Remember there is a Download option in slideshare :). “That was best description of why cross domain policy is …
Page 16: Browse more insights and updates from our blog archives. This page continues our expert content on security, research, and analysis. OWTF 0.14 “London” is dedicated with special love to BSides London, its organisers and attendants! Usual background + Disclaimer: The Offensive (Web, etc) Testing Framework (aka OWTF) is an OWASP+PTES-focused try to unite …
Page 16: Browse more insights and updates from our blog archives. This page continues our expert content on security, research, and analysis.I have had to travel a lot lately and there are some annoying issues I see as I take planes, this blog post combines some tips and tricks I have used successfully with the …
Page 16: Browse more insights and updates from our blog archives. This page continues our expert content on security, research, and analysis.This is a stability release fixing a number of issues I encountered as I was preparing my demos -1h :)- for HackPra tomorrow. I will try to explain this weird tool a bit better …