-
Ship secure high quality software faster.
-
Latest Posts
-
Tag! Your it!
.NET .NET Core ASP.NET MVC BackAndForth Behemoth Garden BEMCheckBox Birm C# DataGrip Docker Edmonton .NET User Group Entity Framework fun GitHub hack the box Introduction to ORMs for DBAs ios kids thinking outside the box Mini-Compressor native-binding nginx NUnit ORM react Reduce image size Reduce photo size ruby RubyMine ruby on rails saturdaymp show saturdaympshow security Smaller images software development sql-server standard ruby Takeaways TeamCity Temporal Database Today I Learned Ubuntu xamarin xamarin ios .net native-binding xplugins xplugins.iOS.BEMCheckBox
-
Archives
Category Archives: Security
SaturdayMP Show 51: Cyber Insecurity in the Wild
A presentation about security issues I’ve personally witnessed. The IRL presentation is Oct 3rd, 2024 for the Dev Edmonton JavaScript, Ruby, and Python Meetup in Edmonton. Found this video useful? Then help others find it by liking, subscribing, sharing, and … Continue reading
Posted in Saturday MP Show, Security
Tagged saturdaymp show, security
Comments Off on SaturdayMP Show 51: Cyber Insecurity in the Wild
SaturdayMP Show 50: Hack the Box Sherlock (Brutus)
In this episode I solve the Brutus Sherlock on Hack the Box with only minimal help from the walkthrough. Found this video useful? Then help others find it by liking, subscribing, sharing, and sponsoring. Have question you want answered in … Continue reading
Posted in Saturday MP Show, Security
Tagged hack the box, saturdaympshow, security
Comments Off on SaturdayMP Show 50: Hack the Box Sherlock (Brutus)
SaturdayMP Show 49: picoCTF Gym (Trickster & Cookies)
In this episode I show how to solve the Trickster picoCTF challenge which I got stuck on in the last video. I got some help from Weekly Dev Chat participants. I also solve the Cookies challenge. Found this video useful? … Continue reading
Posted in Saturday MP Show, Security
Tagged picoctf, saturdaymp, saturdaympshow, security
Comments Off on SaturdayMP Show 49: picoCTF Gym (Trickster & Cookies)
SaturdayMP Show 48: picoCTF Gym (Verify and Getting Stuck on Trickster)
In this episode I go over my plan for the month and then try a couple picoCTF problems. Successfully solved Verify and failed to figure out Trickster. Do you have any tips for me to solve Trickster? Found this video … Continue reading
Posted in Saturday MP Show, Security
Tagged picoctf, saturdaymp show, security
Comments Off on SaturdayMP Show 48: picoCTF Gym (Verify and Getting Stuck on Trickster)
SaturdayMP Show 36: picoCTF Gym
In this episode I do some picoCTF exercises inspired by the picoCTF 2024 competition starting. The last problem was a Unicode byte problem that I figured out with help from GitHub Copilot. I don’t fully understand the solution so let … Continue reading
Posted in Code Examples, Saturday MP Show, Security
Tagged ctf, picoctf, saturdaympshow, security
Comments Off on SaturdayMP Show 36: picoCTF Gym
SaturdayMP Show #25: TPS Report Uploader CFT Walkthrough (Vulnerable Blazor Application)
Happy Holidays! In this episode I do a walkthrough of the TPS Report Uploader capture the flag (CTF) I created. The walkthrough includes how to exploit the vulnerabilities and how to fix them in this .NET 8 Blazor application. You … Continue reading
Posted in Saturday MP Show, Security, Software Development
Tagged .NET, blazor, Burp Suite, gobuster, saturdaymp show, security
Comments Off on SaturdayMP Show #25: TPS Report Uploader CFT Walkthrough (Vulnerable Blazor Application)
SaturdayMP Show #23: Adding Basic Auth to NGINX Passenger Docker (Part 3)
In this stunning conclusion to the 3 part series I finally get HTTP Basic Authentication working. Including merging my changes into the main branch in GitLab and making sure it works in staging and production in Render. The video is … Continue reading
Posted in Saturday MP Show, Security, Software Development
Tagged Docker, gitlab, http basic auth, nginx, passenger, render, ruby on rails, saturdaympshow
Comments Off on SaturdayMP Show #23: Adding Basic Auth to NGINX Passenger Docker (Part 3)
SaturdayMP Show #20: Hack the Box – Busqueda Part 3 (Root Flag)
In this episode I find the root flag for the Busqueda machine on Hack the Box. Took a wrong turn looking for Gitea and Git vulnerabilities but eventually found the root flag with help from the walkthrough. Watch part 2 … Continue reading
Posted in Saturday MP Show, Security
Tagged hack the box, saturdaymp show, security
Comments Off on SaturdayMP Show #20: Hack the Box – Busqueda Part 3 (Root Flag)
SaturdayMP Show #18: Hack the Box – Busqueda Part 2 (Reverse Shell)
In this episode I get a reverse shell working and make some progress on capturing the root flag. Spoiler: There is a self hosted GitHub like website. Watch part 1 of me hacking the Busqueda machine at: Thanks to Hack … Continue reading
Posted in Saturday MP Show, Security
Tagged hack the box, reverse shell, saturdaymp show, security
Comments Off on SaturdayMP Show #18: Hack the Box – Busqueda Part 2 (Reverse Shell)
Don’t Commit Sensitive Information to the Repository
One of the most common security issues I in code reviews is sensitive information, such as production credentials, API keys, etc, in the source code. The source code I just pulled from the repository. The source code all the developers … Continue reading
Posted in Security
Tagged credentials, security
Comments Off on Don’t Commit Sensitive Information to the Repository