Working Around Anti-Pasting in Mac OS X
Ever come across an input field that didn't allow you to paste? It get's quite frustrating doesn't it; especially if »
Even Banks Can Screw Up Password Security
Yesterday, while I was scrolling through my Twitter feed, I came across this worrying interaction between a clearly frustrated customer and CIBC [http://cibc.com]: > »
Blind Error-based SQL Injection with NULLIF()
The other day I found an interesting way to use error-/boolean-based SQL injection, blindly, to exfiltrate database artifacts. What do I mean by that? Well, »
Using Groovy in BurpSuite with BurpKit
In August of 2015, I released a tool at DEFCON 23 [https://www.defcon.org/html/defcon-23/dc-23-index.html] called BurpKit [https://github.com/allfro/burpkit] »