DerbyCon 8 – Web App 101: Getting the Lay of the Land

By Red Siege | October 5, 2018

Mike Saunders will be presenting “Web App 101: Lay of the Land” at DerbyCon 8, Saturday, October 6 at 12:00 PM, in Track 2 (upstairs). Mike draws on his experience in app testing to help you build an effective process for testing web applications, including how to approach scoping, Mike’s methodology for testing, and some tips and tricks Mike uses when performing app tests. This talk does not focus on the technical details of specific attacks, or how to go about testing for specific kinds of issues. 

Attacking SAML implementations

By Red Siege | November 2, 2021

SAML and SAML Attacks Recently a client mentioned that they wanted me to pay particular attention to the SAML authentication on an app I was going to be testing. It’s […]

Learn More
Attacking SAML implementations

Bypassing Signature-Based AV

By Red Siege | August 25, 2021

If you want to execute arbitrary code on an endpoint during a penetration test, red team, or assumed breach, chances are you’ll have to evade some kind of antivirus solution. […]

Learn More
Bypassing Signature-Based AV

Sans Core Netwars Tournament of Champions Europe

By Red Siege | August 9, 2021

From Justin Palk, Security Consultant: I’ll be honest, it feels good to win. Popping a shell sends a shiver down my spine. But getting into a duel with another team […]

Learn More
Sans Core Netwars Tournament of Champions Europe

Find Out What’s Next

Stay in the loop with our upcoming events.