BSides NOLA 2017

On April 1st I was honored by being able to speak again at BSides NOLA. There were so many wonderful talks, I really wish there are more mes so I could have attended them all. My Talk was focused on looking at XSS (Cross Site Scripting) and really digging into the harm that can really be done, when someone else can control your browser. If you missed it, booooo, it was an awesome talk. »

The Web's Most Wanted

OWASP has a top ten list that ranks the most critical attacks against web applications. At the top of this list is Injection Attacks. SQL injection is one of this type of attacks. This post is a walk through of what the attack is and a look at more advanced versions of the attack.

»

BSides NOLA 2016

On April 16th I had the pleasure of speaking at BSides NOLA. The conference was excellent, as usual. I learned an absolute ton of cool new information, and was able to meet and speak with really smart people. I am particularly interested in looking into database forensics a lot more.

»

XXE - The Ugly Side of XML

The eXtensible Markup Language (XML) has a very long and lustrious reputation for being he go-to language for storing and transferring self describing data. Unfortunately though, XML’s root have presented a problem that can plauge many improperly configured parsers. This problem is known as eXternal XML Entity attacks (XXE).

»