
Twelve 21


How to Securely Store a Password

Bryan Burman May 30, 2019 Application Security 1 Comment
I’ve said it a million times. Passwords are the bane of a developer’s existence. Authentication is incredibly complicated, and much of that rests around password storage. I highly recommend …

Secure a Development Environment with Application Whitelisting

Bryan Burman May 20, 2019 Application Security No Comments
If you have ever tried to secure a development environment, you know that it is an incredibly challenging task. Developers often need administrative privileges in order to install and …

Installing SamuraiWTF On Hyper-V With Vagrant

Bryan Burman April 29, 2019 Application Security No Comments
SamuraiWTF, short for the Samurai Web Testing Framework, is a virtual machine designed for application security professionals. SamuraiWTF is similar in nature to Kali, but it is trimmed down …

Code Sign a .NET Core Assembly In An Azure DevOps Build

Bryan Burman April 17, 2019 Application Security, DevOps 1 Comment
In a previous post, I discussed the process of code signing a .NET Core assembly with a digital certificate. In it, I mentioned three methods of utilizing SignTool.exe to …

Using SignTool.exe to Sign a .NET Core Assembly with a Digital Certificate

Bryan Burman April 10, 2019 Application Security, Development 1 Comment
There are many ways to fend off malware. Perhaps the most effective way to accomplish this is via whitelisting. An organization can designate which assemblies can be executed in …

Outsourcing Authentication With a CIAM Product

Bryan Burman April 8, 2019 Application Security No Comments
I’ve said it before and I’ll say it again – passwords are dangerous. Authentication and authorization subsystems are hard to build and are difficult to protect. If you are …

User Enumeration in WebAuthn

Bryan Burman April 2, 2019 Application Security 1 Comment
In a previous blog post, I discussed several pitfalls of information disclosure during registration and authentication and how difficult it is to prevent them. In this article, I’m going …

The Dangers of User Enumeration

Bryan Burman March 28, 2019 Application Security No Comments
If you read my previous post regarding Common Information Disclosure Vulnerabilities During Registration and Authentication, then you know how difficult it is to prevent user enumeration. Most developers seem …

Four Ways to Prevent Denial of Service Attacks In Your Web Applications

Bryan Burman March 14, 2019 Application Security No Comments
Traffic can make or break your website. Too little indicates your website is underused and unpopular. Too much can overwhelm your business. Or it could mean your website is …

Common Information Disclosure Vulnerabilities During Registration and Authentication

Bryan Burman March 12, 2019 Application Security No Comments
Let’s face it. We all have secrets. That’s not necessarily a bad thing. There are just certain pieces of information you don’t want everyone to know – your phone …

    Twelve 21 Copyright © 2023.