Application Security This Week for March 31

by Bill Sempf 31. March 2019 12:30

No April Fools here.

 

Solid primer on using burp Collaborator for blind command injection.  One of the real benefits of Burp over ZAP.

https://threat.tevora.com/stop-collaborate-and-listen/

 

Bruce weighs in on a study where freelance devs were checked for their secure coding.  It didn't go well.

https://www.schneier.com/blog/archives/2019/03/programmers_who.html

 

A new tool for testing on Windows.  Now, I don't use Windows for EVERYTHING but it is nice for a lot of things.  I'll be checking this out.

https://securityaffairs.co/wordpress/83065/hacking/commando-vm-windows.html

 

And that's the news!

Tags:

Comments are closed

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

Find me on Mastodon

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

MonthList

Mastodon