Better API Penetration Testing with Postman – Part 2
In Part 1 of this series, I walked through an introduction to Postman, a popular tool for API ...
Continue Reading
Security Misconfigurations
The configuration of web and application servers is a very important aspect of web applications. ...
Continue Reading
Better API Penetration Testing with Postman - Part 1
This is the first of a multi-part series on testing with Postman. I originally planned for it to be ...
Continue Reading
Android App Testing on Chromebooks
Update: As of March 2021, I’d recommend using Android Virtual Devices over Chromebooks. Chromebooks ...
Continue Reading
OWASP's Most Wanted
So you ask who is this OWASP and why do I care? Well, let’s hear it directly from them: “Open Web ...
Continue Reading
How to Test Your Security Controls for Small/Medium Businesses
We often get contacted by small businesses requesting their first penetration test because of ...
Continue Reading
HIMSS 2019 - Champions of Security Unite
Organizations of all sizes and industries face increasing challenges in safeguarding vast amounts ...
Continue Reading
Cave of Broken Mirrors: 3 Issues with AWS Cognito
Rey while searching for someone finds a distorted reflection Secure Ideas is currently working on a ...
Continue Reading
Cracking WPA Pre Shared Keys
This is intended to be part 2 of a previous blog (Intro to Wireless Security), which was designed ...
Continue Reading
Three C-Words of Web App Security: Part 3 – Clickjacking
This is the third and final part in this three-part series, Three C-Words of Web Application ...
Continue Reading
Fuzz Testing
If you have a brand new piece of software, a program, a network, or an operating system, you will ...
Continue Reading