Cap’n Crunch’s place in hacking history (Jess, Apr 17): During the mid-1900s telephone companies were doing their best to move away from having operators connect each individual call. As phone…
Web Application Hacking Required Reading (Jess, Mar 27): A few books that I’ve read along the way that have greatly impacted my life are still good reads, even though they are getting old.
Stored XSS with HTTP only Session Cookies (Jess in BugBountyTips, Feb 15): I got into a bug bounty program where you develop a store front to shill garbage to the masses. After some rooting around I found an XSS…
Fat GET Authorization Bypass (Jess in Techiepedia, Nov 29, 2023): I was testing a SaaS web application that would generate reports with user data. There were several different reports for user roles and…
XSS Context (Jess in Techiepedia, Nov 7, 2023): XSS vulnerabilities are a common “first bug” for people getting into cybersecurity. It is also a mainstay vulnerability that professionals…
Web Security Practice Lab Setup (Jess, Oct 14, 2022): The purpose is to provide instructions on how to set up a web security test bed for upcoming talks and workshops.
Code review to simple RCE (Jess, Jun 9, 2022): A code review penetration test of an old PHP application revealed a simple RCE.
Bug Bounty FIRE Goals (Jess, May 26, 2022): Using bug bounty alongside full-time employment is a solid means to attain FIRE (Financial Independence/Retire Early).
Social Media Take Over = Easy Money (Jess in Techiepedia, May 26, 2022): If you are alive like me, you probably also enjoy the idea of easy money.