6-Step Blueprint for a Winning Product Strategy
In the bustling alleys of the business world, a product strategy is akin to a GPS, guiding a product’s development and launch with finesse…
Sep 6, 2023
How I automate authenticated API security testing
This is a short & simple post about automating the dynamic application security testing (DAST) of a service API. Usually performed as part…
Oct 26, 2022
Register and prosper with Web3 domains
Published in Coinmonks
Web3 has been on fire this past year, we’re witnessing an emerging sector of innovation in its infancy. Similar to the rise of Web2…
May 1, 2022
Common ransomware delivery and cost effective proactive defense
Published in CodeX
We as security practitioners often remind others, good cyber hygiene and best practices in security controls will go a long way in…
Apr 27, 2022
Deconstructing the ransomware kill chain
Published in CodeX
By design ransomware is a relatively “noisy” form of malware and its kill chain presents multiple opportunities for network defenders to…
Apr 6, 2022
CISSP: Mile Long, Inch Deep…
Back in 2017 I sat and passed my CISSP exam, it was my first year practicing cyber security. At some point in my early career I decided…
Mar 24, 2022
Tunnel traffic through jump host
Tunnel traffic through a compromised jump host to reach otherwise unreachable internal networks or hosts (pivot).
Jan 18, 2021
Apache Tomcat Deserialization of Untrusted Data RCE (CVE-2020-9484)
A niche condition to trigger remote code execution via deserialization on Apache Tomcat
Nov 11, 2020
HTB Buff — [writeup]
Buff is a Windows machine rated as “Easy” on HackTheBox weighed toward CVEs. Webshells, file transfers and SSH tunnel port forwarding.
Aug 31, 2020