DOs and DON’Ts of Pentest Report Writing
Melisa Wachs// The first day of school has started for your school-age kiddos. What better time to run through some of our basic reporting guidelines with y’all? Here is a […]
Informational
What to Expect After a Pen Test
Scott Worden* // So you and your company had a pen test…now what? What to do, how to plan, and good SQUIRREL! ways to stay on track. The 3 […]
PODCAST: Security Policy: Fact Fiction or Implement the Marquis de Management
CJ Cox talks about the highs, lows, hows and why’s of security policy. // Show Notes Why are we doing this? Do you hate your audience? GDPR was bad enough. […]
Podcast: Play in new window | Download
Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS
CORS Lite
Dakota Nelson// Cross Origin Request Sharing (CORS) is complicated, and that complexity creates a lot of places where security vulnerabilities can sneak in. This article will give you a “lite” […]
Hashcat 4.10 Cheat Sheet v 1.2018.1
Kent Ickler // It seemed like we were always cross-referencing the Hashcat Wiki or help file when working with Hashcat. We needed things like specific flags, hash examples, or command […]
What I Wish I Would Have Known
Bre Schumacher// Many of you were probably asked as a young child what you wanted to be when you grew up. Maybe you had an idea of something that sounded […]
Finding: Weak Password Policy
David Fletcher// The weak password policy finding is typically an indicator of one of two conditions during a test: A password could be easily guessed using standard authentication mechanisms. A […]
WEBCAST: SDR Quick Start Guide
Paul Clark* // What is Software Defined Radio and why should you, the noble InfoSec professional, care about it? What kind of hardware and software do you need to start […]
GNURadio Can Make You Hear Laurel & Yanny
Paul Clark* // Feeling uncomfortably productive today? I’ve got a remedy for that, involving internet memes and signal processing. Come and waste a few minutes of your day with Laurel, […]