Cybersecurity Awareness Month CTF reversing challenge
October 26, 2024
Reversing the fryer binary from the Cybersecurity Awareness Month CTF with GDB and some C, because why not?
Application Security Engineer @Stripe.
Patterns that may lead to burnout
Going over commands that helped me reverse engineer a binary or two.
How to communicate technical projects with a broader audience?
Let's go over concepts that can make using Prometheus more intuitive as a new user.
How seeking context can produce better outcomes on decision making.
Writeup for the Hacker101 CTF challenge Cody's First Blog
Writeup for the Hacker101 CTF challenge Photo Gallery
Writeup for the Hacker101 CTF challenge Encrypted Pastebin
Writeup for the Hacker101 CTF problem Micro-CMS v2
Introduction to the Hacker101 CTF through the Micro-CMS v1 challenge
Or what could AppSec learn from product teams?
A recap on my journey through the OSWE certification
A deep dive on how teams under high utilization are negatively impacted and how to spot this pattern in your own teams
What is gatekeeping and when can it lead to a positive outcome?
How a memory leak within one of our middlewares exposed user sessions across requests.
A tale of software development and hidden complexity
Where we end up using matrices and exponentiation by squaring to model a linear recurrence.
Let's investigate MACs built using block ciphers by learning about the ECBC algorithm.
Reasoning about investment planning as a manager
Is implementing SAST in your organization as simple as it looks?
How to implement productive pair programming sessions?
What is a Message Authentication Code and what is it used for?
In this post we will investigate how multiple ciphertexts encrypted with a fixed nonce in CTR mode can be attacked.
In this post we will investigate how encrypting and decrypting in CTR mode works.
In this post we will investigate how this seemingly innocuous idea of using our key as the IV can be exploited to leak the key under certain conditions.
Let's explore how we can validate postMessage declarations in our JavaScript or TypeScript codebases.
Let's explore this modern static analysis tool and how it allows us to identify patterns in our code for linting or security purposes.
Exploiting CBC Padding Oracle
Let's understand and implement the CBC bit-flipping attack.
Let's exploit ECB yet again, this time through the cut and paste attack.
How do we figure out the block size of a message encrypted with ECB?
Decrypting ECB a byte at a time
Given that we are using repeating-key XOR, how do we figure out the length of an unknown key?
Implementing and breaking the repeating-key XOR algorithm
As a manager, what should we pay attention to when we have a successful team that is expanding rapidly?
What do I consider good technical mentorship?
Thoughts on content curation as a way to mitigate content overload.
A take on different leadership styles and what I consider a healthy balance.
Learning and mentoring through our new digital context.