Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Category Archives: Technology

23rd Annual FIRST Conference – Podcast

Leave a Comment Posted by ChrisJohnRiley on June 13, 2011

It’s not often I get to visit a conference close to home, but as luck would have it, this years annual FIRST conference is taking place in my own back yard. Prior to the conference start, I teamed up with Martin McKeay from the NetSec Podcast to record a few interesting interviews for FIRST. As [...]

Conference, Security, Technology CERT, Conference, FIRST, FIRST2011, Security

Setting up your own SAP Netweaver test lab

4 Comments Posted by ChrisJohnRiley on January 14, 2011

One of the main issues I came across when starting research in SAP security (and SAP in general) was the seeming lack of demo software available and the difficulty getting what demo versions there were up and running. This has also been the number 1 question I’ve received over the last few months… “How do I get [...]

Security, Study, Technology abap, netweaver, research, sap, testlab

Cookies… the next generation

1 Comment Posted by ChrisJohnRiley on October 29, 2010

I like cookies…. which probably explains why none of my T-Shirts fit properly anymore. Still, HTTP cookies are good too, even if they don’t taste as good. Michal Zalewski wrote a great piece discussing the ins/outs and general issues of cookies over on his blog (HTTP cookies, or how not to design protocols). In his blog he [...]

Security, Technology cookies, HTTP, HTTPonly Flag, ietf, RFC, Secure Flag

HTTP Strict Transport Security

Leave a Comment Posted by ChrisJohnRiley on August 27, 2010

If you’re a sad geek like me you’ve probably already heard of HSTS (HTTP Strict Transport Security). HSTS is designed to solve an issue where you access a web server using HTTP and are automatically redirected to the HTTPS equivalent (usually through a 301 or 302 response and a new location header). To most this seems [...]

Security, Technology firefox, HSTS, HTTPS, SSL, Strict Transport Security

← Older posts

Newer posts →

RSS feed

RT @mubix: Metasploit Fan? You should watch this pull request. period. http://t.co/uOBUhe1B Amazing work by @corelanc0d3r 3 hours ago
RT @iiamit: Red-Team at @SOURCEConf: http://t.co/Xh4ZgTK1 - make sure to book your training and travel ASAP as room is running out! Pls RT 3 hours ago
RT @LaNMaSteR53: Could someone else try this shell code exec technique on a fully patched OS X Lion box? Need a 2nd opinion. Thx. http:/ ... 9 hours ago
Nothing worse than finding out a project you've been working on for 6 months has just been released by another company! #Argggggg 12 hours ago
RT @Brav0Hax: #Ettercap is calling all C coders. As we move to a major release we're gonna need some help. All are welcome, tell your fr ... 14 hours ago
[SuggestedReading] Mini-PoC for PHP RCE (CVE-2012-0830) http://t.co/35ITAxwq 1 day ago

The contents of this personal blog are solely my own opinions and comments, as such they do not reflect the opinions of my employer(s) past, present or future. No legal liability is accepted for anything you do, think, or consider fact as the basis of articles and links posted on this blog.

"Three to one...two...one...probability factor of one to one...we have normality, I repeat we have normality. Anything you still can’t cope with is therefore your own problem."

Note: A large portion of content I post on my blog comes from "live blogging" of security conferences. These posts are in notes form and are written live during a talk. As such errors and emissions are expected. I'm only human after all!

Cатсн²² (in)sесuяitу / ChrisJohnRiley

Category Archives: Technology

23rd Annual FIRST Conference – Podcast

Setting up your own SAP Netweaver test lab

Cookies… the next generation

HTTP Strict Transport Security

Recent Posts

Archives

@ChrisJohnRiley

Flickr Photos

Links

Disclaimer

Follow “Cатсн²² (in)sесuяitу / ChrisJohnRiley”