[OWASP AppSec USA 2012] Effective Approaches to Web Application Security - Zane Lackey
In this video Zane Lackey from Etsy talks about how to make a developer's job easier by making things safe by default, how to detect risky functionality and how to automate aspects of web application security monitoring and response.
Effective Approaches to Web Application Security - Zane Lackey from OWASP AppSec USA on Vimeo.
Having completed a similar course at a different university, it is great to see that Abertay is attracting female students.
This is the paper that I submitted for my undergraduate dissertation in Ethical Hacking for Computer Security. The title (a mouthful) is 'Implementing Basic Static Code Analysis into Integrated Development Environments (IDEs) to Reduce Software Vulnerabilities'. The paper talks about software security, modern software development, software development life cycles, static code analysis and a lot more. Since submitting it I have noticed some mistakes, so I'm not putting this out there as a 'perfect paper'.
Feel free to have a read through. I won't be making any future amendments as I was sick of looking at it by the time I submitted it, but I thought I would put it out there in case it was useful to others in learning about software security. It is a bit dry in places, be warned!
Implementing Basic Static Code Analysis into Integrated Development Environments (IDEs) to Reduce Software Vulnerabilities
I've been running this blog since November 2008. As the blog's 4-year anniversary is approaching, I thought I would share with you the 5 blog posts which have received the most hits within that time.
1. DropBox Security - 20,494 hits
2. Introducing WPScan – WordPress Security Scanner - 13,012 hits
3. Setting up Tor on BackTrack - 10,538 hits
4. WordPress Brute Force Tool - 10,017 hits
5. [Interview] The Jester - 7,475 hits
Probably not my personal top 5 blog posts but, nevertheless, the ones that get the most hits. If you would like to guest post on ethicalhack3r.co.uk in Spanish, English or French, get in contact!
It has been a rainy Sunday so I wrote a Caesar Cipher (ROT) Encoder/Decoder in Ruby to ease the boredom.
When I get ideas that I think have something worthwhile in them I note them down for future reference. The three main points to get this working were:
This is a recent piece I did for the BBC Inside Out program that originally aired on February 6th. In the video I demonstrate a wireless Man In The Middle (MITM) attack in a coffee shop using a FON+ wireless router, Karma and Jasager. Oh, and they're the ones who call me an 'expert'. Personally, I hate the term and would never call myself one.