Physical Penetration Testing Basics – A Primer

Physical Penetration Testing is an assessment that involves testing physical security controls to see where they might fail. While this […]

Pentesting Restrictive Environments – Part 2

Putting it all together Note: This blog is part 1/2 of Pentesting Restrictive Environments. I highly recommend reading part 1 […]

Pentesting Restrictive Environments – Part 1

The Scenario On a recent engagement, the client was focused on testing the controls that were in place within the […]

Updating Anti-CSRF Tokens in Burp Suite

Updating Anti-CSRF Tokens in Burp Suite Burp Suite developed by Portswigger, is the leading software for web application penetration testing. […]

Insecure Direct Object References

Insecure Direct Object References   Insecure Direct Object References was a category first seen in the OWASP Top Ten 2007 […]

Breakdown of HTTP Messages

HTTP is a stateless protocol used in the World Wide Web (WWW) to facilitate a client-server data transaction. HTTP/1.1 is […]