Deciduous: A Security Decision Tree Generator
Ryan Petrich and Kelly Shortridge describe a web app they’ve released (source) that lets you focus on attacker actions, potential mitigations, and how attackers will respond, and Deciduous will dynamically generate an organized and styled graph.

Are you oversharing (in Salesforce)? Our new tool could sniff it out!

Massive collection by Michał Ży of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools, and more.

A repository of the CTF challenges Orange Tsai’s created, including the source code,

- OSINT: Find profiles across 350 sites by username.
- Politics / Privacy: Iran's government planned kidnapping in the U.S.
- Ransomware: Inside the ransomware economy, site tracking ransomware profits, political methods to stop ransomware.
- Container Security: AWS Lambda deep dive, two resources on hardening AWS EKS, Red Hat State of Kubernetes Security Report 2021.
- Cloud Security: Getting partial AWS account IDs for any Cloudfront website, defending against DNS exfiltration in AWS, building an attribute-based access control strategy with AWS SSO and Okta.
- Authorization: Carta's highly scalable permissions system inspired by Google's Zanzibar, code patterns for API authz, layering authz into an existing web app.
- AppSec: Massive list of resources, Orange Tsai's CTF exercises, web app decision tree generator, finding oversharing in Salesforce, guide to determine if you should run a bug bounty.

I also chatted with John Kinsella and Adrian Sanabria on Application Security Weekly #156 on scaling security programs via secure defaults, how modern AppSec teams work with their engineering counterparts, and other good stuff.

See this video for the Semgrep demo portion with minute markers, and the beginning of the full video for how I got into improv comedy, the origin of tl;dr sec and some lessons learned growing it, career thoughts, and more.
I joined Lewis Ardern on one of the best named British Bake Off security podcasts, SecuriTEA & Crumpets.

I’ve had the privilege of chatting with some awesome people recently.

I’m tempted to include some lines, but I don’t want to spoil it, so here’s a taste:

Programming or security themed parodies can be hit or miss, but this parody of Aladdin’s “A Whole New World” is

I hope you’ve been doing well!

A Whole New Code