DISCLAIMER: Don’t do this! Lots of websites like the BBC use riddle.com to poll their readers’ opinions. It doesn’t seem like Riddle creates a nonce or token for any new vote so it’s simple AF to game it. All you need is Chrome Dev Tools and a Bash terminal. From today’s research I noticed aContinue reading “How to Manipulate Riddle Votes”
Category Archives: Application Security
Digital Medical Device Security Assessments
Lately I’ve been heavily involved in assessments on a couple of different medical devices. I can’t lay down specifics on the types of device or the companies at the moment but you can use your imagine. The devices are of the ‘smart’ genre and the end-user is a patient with health concerns. These assessments haveContinue reading “Digital Medical Device Security Assessments”
[Wire Security] Threat Modelling using STRIDE
This is a cross-post from https://www.wire-security.com I’ve worked on a couple of threat modelling jobs for Wire-Security. We take a STRIDE approach to the methodology. You’ll come across many resources online from other bloggers etc. that will be a much more comprehensive guide for some people but I’m going to keep it simple here, and hopefullyContinue reading “[Wire Security] Threat Modelling using STRIDE”
[Wire Security] How to Pentest Mobile Apps in 2020 – A Sensible Approach
This is a cross-post from https://www.wire-security.com Introduction I’m James and I’m a consultant here at Wire Security. I’ve been an app developer since 2012 and I’m just getting started in my career in security. I’ve always felt like a hacker and these days I’m over the moon to actually be one! I’m going to be writing more articles hereContinue reading “[Wire Security] How to Pentest Mobile Apps in 2020 – A Sensible Approach”