Mike McCabe | Proxying Burp Traffic | Aug 25, 2018 | During application assessments you often need to provide testing IPs so the client knows if the traffic is legitimate testing or not. And…
Mike McCabe | Creating S3 Honey Pots | Jan 26, 2018 | Most people are familiar with the concept of a honey pot. A fake resource/system that replicates some vulnerable system. It sits on the…
Mike McCabe | Running NSP Offline | Sep 19, 2017 | Node Security Project (nsp), the command line tool to check JavaScript projects for use of insecure packages, is a great way to start any…
Mike McCabe | A Few of My Favorite Newsletters | Aug 1, 2017 | Despite the claims of email's sure demise, newsletters are having a renaissance. Besides Twitter, daily, weekly, and monthly newsletters are…
Mike McCabe | Is My Site Secure? | Mar 15, 2017 | A semi-comical hypothetical email chain with a consulting customer.
Mike McCabe | OS X/MacOS Security Tools | Jan 2, 2017 | Besides the obvious steps of turning on the firewall, using FileVault and some basic security settings, what more can you do to lock down…
Mike McCabe | Odd HSTS Behavior | Aug 30, 2016 | While testing an app with an invalid cert (internal CA), I noticed some interesting behavior with HSTS and Firefox. The browser was…
Mike McCabe | Ugly Ruby | Feb 1, 2016 | I like Ruby. It’s a pleasant language to code in and review most of the time. But I was reading a post about some Ruby oddities that had…
Mike McCabe | Working & RSI | Jan 25, 2016 | About 9 months ago I developed a pain in the center of my palm in my left hand while using my computer. The pain started as an ache then grew…
Mike McCabe | My OSX Setup Process | Dec 1, 2015 | After just setting up a new work laptop and then needing to do the same for a personal computer, I decided to document it. Long term, I’d…