Learn how NoSQL Injection works, with example strings to inject to test for injections.

How to find security bugs and privacy violations using attack proxies. An introduction.

CloudFormation templates and walk-through to setup detailed security logging in multiple AWS accounts, centralized into a security account.

Setup and use System and Session Manager to replace bastion hosts for SSH and RDS tunnels. Automate security tasks on servers with automation documents.

A series of articles implementing advanced security controls on AWS, leveraging build in aws security tooling and security best practices.

A tool to search for subdomain and nameserver takeover risks across an organization, written in python.

Common docker deployment pitfalls and how to mitigate them when deploying a container to infrastructure you control.

Quick walkthrough of pivot techniques including ssh, meterpreter, ncat, and netcat.

An introduction to NoSQL and JavaScript Injections, with a sample vulnerable NodeJS/Mongo application.

A description of each security header, why it is important, and how to configure your website in a secure way.