March 4, 2021

My review of the INE/eLearnSecurity PTS course and eJPT exam

I passed the eJPT exam (January 2021) and in this blog post I describe my experience with the course and exam to help you decide if it is for you, however if you already decided to take it, I also share some tips for the exam that might help you during the process.

November 28, 2020

A Gentle Introduction to Credential Stuffing on HTTP Basic Authentication

Credential stuffing is an attack often linked to widely-known data breaches, where credentials are leaked for applications available over the internet such as social networks and e-mail clients. However while performing a security assessment of a specific application or network, one may come across credentials stored in plain-text files or wikis that are available from within the private network.

August 15, 2020

The best managed blockchain platform: Azure or AWS? - Part 1

Recently I started researching blockchain and distributed ledger technologies for a project I’m working on. During the formal definition of the application’s architecture, I concluded that using a permissioned blockchain that supports the execution of smart contracts was the best approach.

June 27, 2020

fn main() { println!("Hello, world!"); }

The beginning of something.