Yes, it is possible in theory to forge the Web Server Certificate that is used in SSL/TLS communication. This is because the certificate is signed by a certificate authority that your browser trusts using a cryptographic hashing algorithm of a specific length. The hashing algorithms that have been used to… Continue reading
Search this site
Check out my other project…
- Create an EC2 that runs Chrome for sandboxed websurfing
- Check Multiple AWS S3 Buckets for Missing Default Encryption
- The Equifax Data Breach and the Apache Struts Vulnerability
- Test Early, Test Often
- Linux Hardening
- Information Security at Startup Companies
- Timestamp bash_history with every command
Why didn't someone think of this before? --> Chrome Limits Websites' Access to Private Networks for Security Reasons https://thehackernews.com/2022/01/chrome-limits-websites-access-to.html
My long awaited updated complimentary Mini Course on Infosec Consulting is now ready - it's been 2 years since I updated and ran this free mini course. I answer the most common questions like "How to get clients" and "How to set pricing" and more.
Just finished another amazing week of SEC510 at SANS Cyber Security East: Dec 2021 and am proud to announce our CloudWars CTF winners: Stephen Bernard (1st place); Mathew Dilmaghani (2nd place); and Benjamin Fielden & Kyle Weeks (Tied for 3rd). Congrats gents!!