Yes, it is possible in theory to forge the Web Server Certificate that is used in SSL/TLS communication. This is because the certificate is signed by a certificate authority that your browser trusts using a cryptographic hashing algorithm of a specific length. The hashing algorithms that have been used to… Continue reading
Search this site
Check out my other project…
- Create an EC2 that runs Chrome for sandboxed websurfing
- Check Multiple AWS S3 Buckets for Missing Default Encryption
- The Equifax Data Breach and the Apache Struts Vulnerability
- Test Early, Test Often
- Linux Hardening
- Information Security at Startup Companies
- Timestamp bash_history with every command
Thinking about mental models lately in preparation for an upcoming talk. found this research paper fascinating: "How Hackers Think: A Study of Cybersecurity Experts and Their Mental Models" https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2326634SANS Cloud Security@SANSCloudSec
Need a crash course on Terraform +Git with a security use case? Here is my gift to you...
NEW YouTube Video by @KennethGHartman !
Heavy hands-on demo to "Use Terraform to Provision Your Own Cloud-Based Remote Browsing Workstation"
View it here: https://youtu.be/5L6yxXXn0-I
"The mass media shall conduct targeted cybersecurity publicity and education aimed at the public." -- https://www.dezshira.com/library/legal/cyber-security-law-china-8013.html