Recently I have been playing around with a few little side projects, and trying out different ways of getting them IntoTheCloud(tm). If you know me, you know that I'm pretty big on increasing efficiency, reducing boilerplate/time to start, automation, infrastructure as code (IaC), and similar fun things.| /dev/alias – Hack. Dev. Transcend.
(Update: The talk recording is now up on YouTube, latest links to related content in this tweet)
Imagine a world driven by the strive for progress, improvement and innovation, rather than fuelled by corporate greed. Ideas and breakthroughs are shared freely and openly. Where instead of multiple separate entities having to expend the same effort to unlock the same benefits time and time again, locking them away inside their own corporate silos to ration out to the masses at overly inflated costs; we co-create that benefit, shared freely, and greatly accelerate the pace of innovation for e...
I tend to dive down rabbit holes a lot, and given the cost of context switching and memory deteriorating over time, sometimes the state I build up in my mind gets lost between the chances I get to dive in. These 'linkdump' posts are an attempt to collate at least some of that state in a way that I can hopefully restore to my brain at a later point.
Time for another Bulletproof Biohacked.com quarterly box.
Earlier this year I spent some time delving into Atlassian Confluence to see if I could dig up any bugs that had slipped through the cracks. I wasn't really expecting to turn up much, but I was super excited and surprised when I managed to find an issue within the RSS feed plugin leading to Cross-Site Scripting (XSS) (Twitter: 1, 2; LinkedIn: 1, 2; BugCrowd: 1, 2).
Recently I had the opportunity to present at a few local security meetups, and one international security conference.
Earlier this year I had an opportunity to spend some time looking at Squiz Matrix, a Content Management System (CMS) used across a number of sectors including higher education, media and publishing, government, finance, health, and utilities. With a huge number of features, a massive PHP codebase, and a number of high profile sectors as clients, I set out to see if I could find any interesting little bugs hidden away.
Thanks for the featured writeup Hackaday! Make sure to check out the comments over there as well. Looks like Hackernoon picked it up as well, make sure to check in with the comments there too. It would be great if you could also head over to Hacker News, give an upvote, and join in the comments there. Let's get this information out there!