7MS #221: News and Links Roundup
What follows are some of my favorite training opportunities, news bits, tools/scripts and humorous stories to send you into the weekend with!
- The recording from the BHIS Webinar on Web App Security Training is now up on YouTube.
- Apple introduces bug bounty program at BlackHat - get $200k for finding vulns in certain Apple products! Wow!
- A group of security researchers found remote code execution and other ugly vulns on PornHub.com (not gonna link to that directly...but in case the name isn't self-explanatory, it's not a Disney site).
- Sandstorm.io looks to be a pretty cool way to create your own private cloud (the app collection looks decent as well).
- Here's a ghetto XSS cheatsheet containing "...XSS payloads that I find to be useful during penetration tests, especially when faced with WAFs or application-based black-list filtering, but feel free to disagree or shoot your AK-74 in the air."
- When Google security researcher Tavis Ormandy sets his sights on something, boy oh boy do people get passionate!
I'm thinking of changing Friday's episode into a newsletter distribution instead. That way I can free up a bit more time to work on tech how-tos and VulnHub walkthroughs that have both audio and video options.