troyhunt.com
Troy Hunt: Learn ethical hacking and session hijacking on Pluralsight
https://www.troyhunt.com/2015/07/learn-ethical-hacking-and-session.html
Learn ethical hacking and session hijacking on Pluralsight. A couple of months ago I wrote about how fellow author Dale Meredith and myself are building out an ethical hacking series on Pluralsight. The viewership of the ethical hacking series has absolutely exploded! All the courses we’ve created so far have enjoyed time in the Top 100 most popular courses in the library. When you’re vying for position with Scott Allen, you know you’re doing something right! Ethical Hacking: Session Hijacking. By which ...
troyhunt.com
Troy Hunt: We’re struggling to get traction with SSL because it’s still a “premium service”
https://www.troyhunt.com/2015/08/were-struggling-to-get-traction-with.html
We’re struggling to get traction with SSL because it’s still a premium service. The web is going HTTPS only. In theory. They’re also recommending that browsers begin changing their UX to display non-secure origins as affirmatively non-secure. Yesterday Scott Helme posted some stats on the results of him crawling the top 1M sites based on Alexa rankings. Less than 7% of the top 1M sites are doing HTTPS only. SSL is still a premium service. It’s either harder to get than just plain old HTTP serv...First of...
troyhunt.com
Troy Hunt: An analysis of the ISIS “hit list” of hacked personal data
https://www.troyhunt.com/2015/08/an-analysis-of-isis-hit-list-of-hacked.html
An analysis of the ISIS hit list of hacked personal data. I see literally millions of compromised records from online systems every week courtesy of maintaining Have I been pwned? (HIBP), in fact I’ve seen well over 200M of them since starting the service just under two years ago. I’ve gotten used to seeing both seriously sensitive personal data (the Adult Friend Finder breach. I’m always interested when personal data is leaked online and I’m. But how much of a threat is this really? Sources from which at...
troyhunt.com
Troy Hunt: Your affairs were never discreet – Ashley Madison always disclosed customer identities
https://www.troyhunt.com/2015/07/your-affairs-were-never-discrete-ashley.html
Your affairs were never discreet Ashley Madison always disclosed customer identities. I always find data breaches like today’s Ashley Madison one. Curious in terms of how people react. But this one is particularly curious because of the promise of “discreet” encounters:. Of course when the modus operandi of the site is to facilitate extramarital affairs then “discreet” is somewhat of a virtue… if they actually. Discreet about their customers’ identities! And a somewhat less polite one:. Now before you sa...
troyhunt.com
Troy Hunt: How I optimised my life to make my job redundant
https://www.troyhunt.com/2015/07/how-i-optimised-my-life-to-make-my-job.html
How I optimised my life to make my job redundant. If you’re a regular reader, you may have noticed a rather major job change on my behalf recently. The day to day office grind has gone and corporate life is now well and truly behind me, where it will firmly stay. One of the things that amazed me most when I finally wrote about this is how surprised so many people were that I actually had a normal day job:. Can't believe @troyhunt had another job as well! — Conrad Jackson (@conradj) April 15, 2015.
troyhunt.com
Troy Hunt: Here’s how I’m going to handle the Ashley Madison data
https://www.troyhunt.com/2015/07/heres-how-im-going-to-handle-ashley.html
Here’s how I’m going to handle the Ashley Madison data. This morning I was reading a piece on the Ashley Madison hack. Which helped cement a few things in my mind. The first thing is that. This data ends up being made public (and it’s still an “if”) then it will rapidly be shared far and wide. Of course this happens with many major data breaches, but the emergence already of domains like WasHeOnAshleyMadison.com. Signal a clear intent to make it easily accessible as well. The point is that this data goin...
troyhunt.com
Troy Hunt: It’s ethical hacking with SQL injection on Pluralsight!
https://www.troyhunt.com/2015/05/its-ethical-hacking-with-sql-injection_21.html
It’s ethical hacking with SQL injection on Pluralsight! I’ve long been a proponent of “hacking yourself first”, that is the idea of building up some offensive skills such that you can actually take a good shot at. What I can now share with everyone is that over the last few months, I’ve been working hard with the folks at Pluralsight and another fellow author to take this a step further and start building out an ethical hacking series. You can go and watch the course on Pluralsight right now. In demand...
troyhunt.com
Troy Hunt: Sharing files on Azure with deployments from Dropbox
https://www.troyhunt.com/2015/08/sharing-files-on-azure-with-deployments.html
Sharing files on Azure with deployments from Dropbox. Firstly, you get yourself a website. If you’ve already got a basic or standard web hosting plan with Azure then it’s free as you can load those guys up with as many sites as the service can bear. Once the site is there (I called mine “troyhuntfiles”), you’ll see an option to set up continuous deployment:. After choosing “Dropbox”, it’ll do some auth to make sure it has access to your content:. The Dropbox website challenges for a logon:. We can drill ...
troyhunt.com
Troy Hunt: It’s time to visit London!
https://www.troyhunt.com/2015/07/its-time-to-visit-london.html
It’s time to visit London! That’s right folks, I’m finally getting over to London! I’ve made so many awesome connections there over the years (hi Tesco. And despite getting around quite a bit of late, I haven’t had the opportunity to actually spend time in the UK. All that changes in Jan and it’s thanks to the awesome guys at NDC. Go and check out the speakers they already have listed on the site – it’s full of absolute top notch technology pros. And we’ll have a chat. ScotlandIS: 6 Oct, Edinburgh ...
troyhunt.com
Troy Hunt: It’s app sec in the USA! (And “Hack Yourself First” workshops too)
https://www.troyhunt.com/2015/07/its-app-sec-in-usa-and-hack-yourself.html
It’s app sec in the USA! (And Hack Yourself First workshops too). I’m very happy to be heading back to the US in a couple of months, this time to keynote at OWASP’s AppSecUSA in San Francisco. I had a great time in Amsterdam only a couple of months ago keynoting at AppSecEU as well. And the whole event was just a heap of fun. It was a really good mix of security pros and developers, each bringing their own strengths to the show and making for some really interesting talks at different levels. One of the k...