Category Archives: hacks

New Pentester

I got a job as a penetration tester, which I think is really exciting. It is a job that I get excited about. One that causes frustration and a feeling of accomplishment. I’ll officially start on April 11th. My plan is to track my progress here, and document things that I learn, in general.

I contacted some other friends who are pentesters and asked for their advice, ideas on things they wish they knew when they got started. I was given two great pieces of advice on things to read or study up on. One was to read the publications on GitHub from Cure53. Today I read their whitepaper on X-Frame-Options and various ways to still bypass the clickjacking protection it provides. I’m looking forward to reading the others, once I finish the other recommendation…The Tangled Web! Continue reading

125 total views, no views today

Third Party Content Providers

Sometimes you hear of third party content providers getting compromised. Those are the widgets that sites use for content links. Those may be in the form of little ads or may be a “You’ll never believe what this Hollywood star did!” Sites trust those providers to load content into their site. But what happens when one of those get compromised by hackers? The hackers can then push their message or their malware onto dozens or possibly hundreds of sites all at once. Want to know more about it? I wrote a section on “Emerging Threats” for the Akamai State of the Internet Report. I’d suggest the reading the whole thing but my part starts on page 29.

http://www.stateoftheinternet.com/downloads/pdfs/2014-internet-security-report-q3.pdf

50 total views, no views today