How could Steampipe and Turbot help with setting Cloud Security Baselines?I wrote a few thoughts about Cloud Security Baselines. Initially, the idea started in a spreadsheet to help describe and tailor the…Feb 4Feb 4
Published inTech @ GoCardlessUsing CIS benchmarks to set expectations in a DevOps environmentIn the old world there was often a divide between developers, security and operations working in their own silos. This is not an effective…Sep 6, 2021Sep 6, 2021
RingZer0Team CTF SQLi challenges — Part 3Continuing on in my series of write ups of the RingZer0Team challenges it is time for my next instalment on SQL injection. I have…Mar 1, 2021Mar 1, 2021
Win 10 1904 VirtualBox ConflictAfter a frustrating evening trying to setup a Ubuntu 20.04 VM and being unable to upgrade any packages I had to dig into the detail of…Aug 9, 2020Aug 9, 2020
44Con HackerOne CTF write up — part oneThis year’s 44Con was based on a Blade Runner theme and was built by Cody from HackerOne education. He did a great job building it and was…Sep 16, 2019Sep 16, 2019
Exploiting simple network services in CTF’sFor those of you that enjoy CTF’s here are a few tips on how you can go about testing non HTTP network services.Sep 6, 2019Sep 6, 2019
BSides LDN 2018 CTF by Immersive LabsFortunately I have a ticket for BSidesLDN already, but wanted to have a play with the CTF. I haven’t used the immersive labs platform…Apr 7, 2018Apr 7, 2018
Owning the data centre – Cisco NX-OS VDC takeover vulnerabilityDuring testing of the Cisco Nexus 7000 series switch I identified a high impact (CVSS8.8) vulnerability within the OS which also formed the…Feb 9, 2018Feb 9, 2018
RingZer0Team CTF SQLi challenges — Part 2Continuing on in my series of write ups of the RingZer0Team challenges it is time for my next instalment on SQL injection. I have…Dec 14, 20172Dec 14, 20172