Tech Blog

A Snapshot of CAST in Action: Automating API Token Testing
An Intro to Fuzzing (AKA Fuzz Testing)
IAM Vulnerable - Assessing the AWS Assessment Tools
IAM Vulnerable - An AWS IAM Privilege Escalation Playground
You're Doing IoT RNG
LEXSS: Bypassing Lexical Parsing Security Controls
An Exploration of JSON Interoperability Vulnerabilities
Bad Pods: Kubernetes Pod Privilege Escalation
Lessons Learned on Brute-forcing RMI-IIOP With RMIScout
Design Considerations for Secure GraphQL APIs