Principal Security Consultant, with five years industy experience.
- Forbes - M.O.A.B Comment
- TechRound - M.O.A.B Comment
- IT Security Guru - NAZ.API Dataset Comment
- IoT Insider Article - This particular article was also published in the first print version of IoT insider and distrobuted at the following conferences: Cloud Expo (London), IOTSWC (Barcelona), Hardware Pioneers MAX (London), IoT Tech Expo (Amsterdam), Hannover Messe, Smart Retail Expo (London)
- What is DOM XSS and Why should you care? - Published in Computer Fraud and Security and Inspired by the shorter 'So what is DOM XSS blog', this piece explores the concepts touched upon, gives advise to testers and helps application owners understand the risks involed with DOM based XSS.
- Cockpit CMS flaws exposed web servers to NoSQL injection exploits - Publised in The Daily Swig, some comments I made regarding flaws found in the Cockpit CMS.
- Masquerade, cracking hashes with known formats. - Piece inspired by users who do not change thier Wi-Fi password from a standard known format, then using hashcat masks to circumnavigate this process.
- PHP Deserialisation/Object Injection - An explanation of how PHP Object Deserialisation can be abused in order to gain Remote Code Execution.
- So What is DOM XSS? - The piece which went on to inspire a larger article surrounding DOM XSS, what it is and how to identify it when testing!
- Depop Industrial Level Hacking - This was a requested blog on how to help users of the application depop stay safe from scams and protect their account. This also includes more general advice which helps people stay safe and secure online.