I’m a customer of Hover for my domain name needs. However, that will be changing because I don’t believe that they take issues seriously.

The first security issue

I was browsing their site, looking for a new domain, and being the constant tinkerer I am, I entered a single quote into the …

I have been working as a security consultant for a few months now, and one finding that is on almost every webserver I come across, is the lack of an HSTS (HTTP Strict Transport Security) implementation. This is understandable, since HSTS is still fairly new. In fact, before starting at Accuvant, I …

I’ve read a ton of articles on bypassing Antivirus software when trying to run shellcode on machines. There’s just a ton available. These are just a few examples:

• http://dev.metasploit.com/redmine/projects/framework/wiki/Using_a_Custom_Executable_to_Bypass_AV …