Sign up to save your podcasts
Or
Share The DIY Lab - ASW #185
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The DIY Lab - ASW #185
Lots of web hacking can be done directly from the browser. Throw in a proxy like Burp plus the browser's developer tools window and you've got a nearly complete toolkit. But nearly complete means there's still room for improvement. We'll talk about the tools to keep on hand, setting up practice targets, participating in bug bounties, and more resources to help you learn along the way! Then, this week in the Application Security News: RCE in Cassandra, why pixelization isn't good redaction, Rust's compiler is friendly, Edge adds arbitrary code guard to its WASM interpreter, & the difference between secure code and a secure product (as demonstrated by a DAO)
For tips on labs beyond just appsec, be sure to check out the Security Weekly webcast on "Do It Yourself: Building a Security Lab At Home" at https://securityweekly.com/webcasts/do-it-yourself-building-a-security-lab-at-home/
Segment resources: - https://www.darkreading.com/careers-and-people/want-to-be-an-ethical-hacker-here-s-where-to-begin
https://github.com/AdminTurnedDevOps/DevOps-The-Hard-Way-AWS
https://owasp.org/www-project-juice-shop/
https://owasp.org/www-project-vulnerable-web-applications-directory/
https://portswigger.net/web-security
https://azeria-labs.com/writing-arm-assembly-part-1/
https://twitter.com/0xAs1F/status/1480604655952433155
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/asw185
View all episodes
By Security Weekly Productions
4.9
1111 ratings
Lots of web hacking can be done directly from the browser. Throw in a proxy like Burp plus the browser's developer tools window and you've got a nearly complete toolkit. But nearly complete means there's still room for improvement. We'll talk about the tools to keep on hand, setting up practice targets, participating in bug bounties, and more resources to help you learn along the way! Then, this week in the Application Security News: RCE in Cassandra, why pixelization isn't good redaction, Rust's compiler is friendly, Edge adds arbitrary code guard to its WASM interpreter, & the difference between secure code and a secure product (as demonstrated by a DAO)
For tips on labs beyond just appsec, be sure to check out the Security Weekly webcast on "Do It Yourself: Building a Security Lab At Home" at https://securityweekly.com/webcasts/do-it-yourself-building-a-security-lab-at-home/
Segment resources: - https://www.darkreading.com/careers-and-people/want-to-be-an-ethical-hacker-here-s-where-to-begin
https://github.com/AdminTurnedDevOps/DevOps-The-Hard-Way-AWS
https://owasp.org/www-project-juice-shop/
https://owasp.org/www-project-vulnerable-web-applications-directory/
https://portswigger.net/web-security
https://azeria-labs.com/writing-arm-assembly-part-1/
https://twitter.com/0xAs1F/status/1480604655952433155
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/asw185
More shows like Application Security Weekly (Audio)
View all
Marketplace Tech
1,274 Listeners
Security Now (Audio)
1,965 Listeners
Risky Business
360 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
628 Listeners
CyberWire Daily
1,013 Listeners
Enterprise Security Weekly (Audio)
14 Listeners
AWS Podcast
201 Listeners
Business Security Weekly (Audio)
3 Listeners
Paul's Security Weekly (Audio)
14 Listeners
The Application Security Podcast
36 Listeners
Darknet Diaries
7,843 Listeners
Hacking Humans
311 Listeners
Defense in Depth
78 Listeners
Cyber Security Headlines
119 Listeners
Risky Bulletin
33 Listeners