So much information about testing webapps for security problems is old. Don’t get me wrong, the old stuff still works way more often than we’d like, but there’s more to […]

The post Webcast: Modern Webapp Pentesting: How to Attack a JWT appeared first on Black Hills Information Security, Inc..

I like webapps, don’t you? Webapps have got to be the best way to learn about security. Why? Because they’re self-contained and so very transparent. You don’t need a big […]

The post Webcast: Free Tools! How to Use Developer Tools and Javascript in Webapp Pentests appeared first on Black Hills Information Security, Inc..

BB King//* The state of Ohio recently validated a webapp pentest finding that sometimes goes overlooked. It relates to the details of administrative functions, how they can be abused, and […]

The post When Infosec and Weed Collide: Handling Administrative Actions Safely appeared first on Black Hills Information Security, Inc..