According (ISC)² the CSSLP is ideal for software development and security professionals responsible for applying best practices to each phase of the SDLC. For years I am working in software develop...

I phish you a Merry Xmas Short and dark days, the end of the year is insight. With December as the last month, we still have some fun holidays ahead of us. Sinterklaas has just left the country a...

IT Security Labs has created a new OSCP like vulnerable Windows machine. I downloaded the machine and imported it into my pentest lab environment. It is practice time! Let’s have some fun while ha...

Years ago I automated some work in MS Excel with VBA. Sometimes I decided to protect the source code with a password. A password that later turns out not to provide sufficient protection for the f...

Through a forum post I found out that a PenTest+ (PT0-002) Beta exam could be done for 50 US Dollars. The moment the Beta exam was opened, I registered immediately. And started the journey for me t...

Ready to rumble…. Another HTB machine is going down today. This time it is Horizontall. The name does not ring a bell, it might be something with lateral movement but I am not sure about this. Get...

Today I was in the mood to hack an easy box on Hack The Box. When I logged on to the website I noticed a machine called ‘CAP’ a Linux machine and it was counting down to his retirement. This was th...

A while back I started getting certifications such as CISSP, CEH, ECSA and CSSLP. Many questions are multiple choice and can often be found in books at the end of a chapter. I like to read a paper...

Today is International Password Day. A day where attention is asked to take a good look at your password. Or rather, to your passwords. Your password is private Your underwear is private and no ...

A follow-up to the well-known CEH certificate is ECSA (EC-Council Certified Security Analyst) from EC-Council. The course is booked at the same time as the CEH course and would therefore take place...