Sans Core Netwars Tournament of Champions Europe

From Justin Palk, Security Consultant: I’ll be honest, it feels good to win. Popping a shell sends a shiver down my spine. But getting into a duel with another team working the same environment? Both trying to reach the same goal, being able to see how close you...

Hacking OAuth2.0

The intent of this blog is to help penetration testers and security researchers get a deeper understanding of the OAuth protocol. We are going to learn how to bypass authentication using OAuth’s implicit flow. Before we attack OAuth we need to have an...

Networking Fundamentals Part I

This blog is the first of three in a series to go over some basic networking fundamentals that every security professional should know. These blogs are geared towards the absolute beginner and will cover a lot of different topics at a high level. These blog posts are...

SiegeCast : Web Api Weaknesses

SIEGECAST: WEB API WEAKNESSES Penetration testing Web API’s can be difficult without an effective approach, so Charles Shirer is here to provide you with a few tips and tricks! Charles breaks down the fundamentals of hacking Web API’s and the methodology...