Testing the 'Hacky Path'

Have you ever wondered how hackers find and exploit vulnerabilities in your application? How can you go beyond the conventional happy path and unhappy path testing to uncover hidden flaws in your application?

Read More

Shifting Left with Nuclei: A Tester’s Perspective

Nuclei is a popular tool for DAST that allows you to scan web applications for vulnerabilities using predefined or custom templates. It is often used as a part of a DevSecOps pipeline to catch security issues before they reach production. But is it beneficial to shift left with Nuclei?

Read More

Homelab Part 1 - Docker, Pihole & Unbound

This series is going to document my first serious look into home-labbing. I have been doing little bits here and there over the past few years. Automating this, hosting that, trying so many times and never quite succeeding to create a VPN into my home network. Over these years I have always had one thing holding me back. I have not been on my own network. I have been sharing one with lots of other people, which meant breaking things was not an option really. I’m pretty sure without breaking a lot of things, I cannot get this to work.

Read More

Xiaofang firmware downgrade 2019

Recently I have been looking into more and more Xiaomi devices and being pleasantly surprised at every stage. The products are always great quality and so cheap. The only problem I run into, especially with the home devices, is the way Xiaomi likes to restrict access to some devices to mainland China. In the past the workaround has been simple, set the app to mainland China and Xiaomi will turn a blind eye. However, with firmware version 5.6.2.197 this changed for me on my Xiaofang camera.

Read More