Jess · Cap’n Crunch’s place in hacking history · During the mid 1900s, telephone companies were doing their best to move away from having operators connect each individual call. As phone… · 3 min read · Apr 17, 2024
Jess · Web Application Hacking Required Reading · A few books that I’ve read along the way that have greatly impacted my life are still good reads, even though they are getting old. · 2 min read · Mar 27, 2024
Jess in BugBountyTips · Stored XSS with HTTP only Session Cookies · I got into a bug bounty program where you develop a store front to shill garbage to the masses. After some rooting around I found an XSS… · 2 min read · Feb 15, 2024
Jess · Fat GET Authorization Bypass · I was testing a SaaS web application that would generate reports with user data. There were several different reports for user roles and… · 2 min read · Nov 29, 2023
Jess · XSS Context · XSS vulnerabilities are a common “first bug” for people getting into cybersecurity. It is also a mainstay vulnerability that professionals… · 4 min read · Nov 7, 2023
Jess · Web Security Practice Lab Setup · The purpose is to provide instructions on how to set up a web security test bed for upcoming talks and workshops. · 3 min read · Oct 14, 2022
Jess · Code review to simple RCE · A code review penetration test of an old PHP application revealed a simple RCE. · 2 min read · Jun 9, 2022
Jess · Bug Bounty FIRE Goals · Using bug bounty alongside full-time employment is a solid means to attain FIRE. (Financial Independence/Retire Early) · 1 min read · May 26, 2022
Jess · Social Media Take Over = Easy Money · If you are alive like me, you probably also enjoy the idea of easy money. · 3 min read · May 26, 2022
Jess · Weakly Typed SQL Injection · Programming languages come in two categories: Hard/Strong Typed, Soft/Weak Typed · 2 min read · Mar 3, 2022