Drako or what I thought the future of Pentesting AI would look likeThis is a post about a project I worked in 2020/2021, and I decided to write about it for posterity since it did take a lot of time and was…Mar 28Mar 28
Designing for exploitationAn overview of the possible future of automated exploitation systems and how we could defend against themJan 14, 20201Jan 14, 20201
Building Your Own Web Application Firewall as a Service And Forgetting about False PositivesThe following post is a reproduction of a paper of mine which was included in the In Depth Security Vol. III book which is compiled by the…Jan 3, 2020Jan 3, 2020
Detecting attacks and improving response through the use of real time security featuresAn overview on the benefits of using real time features in SIEM’sAug 22, 2019Aug 22, 2019
Exploiting A/B Testing for Fun and Profit (Part 2)This is the second part of a post based on a talk I gave in the Ekoparty security conference in 2016 on exploiting A/B testing frameworks.Aug 13, 2019Aug 13, 2019
Exploiting A/B Testing for Fun and Profit (Part 1)This post is based on a talk I gave at the Ekoparty security conference in 2016. Given the amount of requests I had on the subject I’m…Aug 13, 2019Aug 13, 2019
Expanding labeled datasets through correlated featuresAn approach to improve model generalisationJul 22, 2019Jul 22, 2019
Reducing your Google Pub/Sub costs over 95% by micro-batching with Google Cloud StorageUsing streams to separate components logicMar 28, 20193Mar 28, 20193
Persistant GCP backdoors with Google’s Cloud ShellCloud Shell GCP Google Cloud SecurityOct 27, 2018Oct 27, 2018
Auditing ssh activity with docker containersSince I got several request of similar ventures I’m writing a post on a way to log ssh connections with Docker while mentioning other…Feb 18, 2016Feb 18, 2016
