Getting Started with Recon-ng
When preparing for a penetration test, there is quite possibly nothing more important than reconnaissance. There are a variety of tools in the security space that aid in the …
How to Sign a UWP Application with a Digital Certificate
All development teams should get in the habit of digitally signing their applications, especially before sending to QA or production. Code signing is not only a best practice. It …
The Amazon Kindle Fire HD is the Worst Tablet for Teens
Oh, Amazon. How far your Kindle Fire has fallen, HD tablet, latest of generations. How you could make a tablet suitable for adults and small children and totally neglect …
Assuming a Role With MFA Using Awsume and the AWS CLI
In this post, we’re going to discuss the process of assuming a role with MFA from the AWS CLI using Awsume. In our last post, we discussed in ad …
Using MFA with Awsume to Secure the AWS CLI
In this blog post we’re going to discuss how to set up a new user in the AWS Management Console, how to enable MFA on that user, how to …
Using Awsume with Multiple AWS CLI Users on Ubuntu
Awsume is a great tool that allows you to seamlessly switch between multiple AWS CLI profiles. You may utilize multiple CLI profiles to enforce principal of least privilege. The …
Getting Started with the Burp REST API
Burp Suite is my go-to tool for performing penetration tests against web applications. I was recently asked if it was possible to integrate Burp into a development pipeline, so …
How to Use Argon2 for Password Hashing in Java
In previous posts, we’ve learned about the importance of using a password hashing function like Argon2id to create hashes of passwords that can be safely stored in a database. …
How to Use Argon2 for Password Hashing in C#
In the past couple of blog posts, I’ve been discussing various password hashing algorithms and how Argon2 (specifically Argon2id) is the algorithm that leading cryptographers recommend. In this post, …
How to Choose the Right Parameters for Argon2
In my last post, I discussed four cryptographic hashing functions that are suitable for password storage. I pointed out that Argon2 (in particular Argon2id) is the hashing function that …