14 Oct 2010

Firefox Addons for Penetration/XSS Testing

2010 was supposed to be the year of the Tiger, but it’s felt more like the year of Pwny so far. This article covers some Firefox add-ons that help you test your own apps, whether you’re working with a penetration tester, or by default, you are the penetration tester.

25 Jan 2010

When Your WordPress Blog Gets Hacked

It happens to most bloggers at some point – your WordPress blog gets pwned, and you’re not sure where to even start. I’ve gone through this process enough times, helping friends restore their blogs after a hack that it seemed like it might be helpful if I wrote an article

03 Nov 2009

Web 2-Point-Owned: Apple.Com’s XSS Exploit

Earlier today, we got a glimpse of what happens when a big company forgets to cross their t’s and dot their i’s. And in programming, that means failing to validate user-entered data before displaying it on-screen.