Year 4 - Edition 1
A Fistful of Links is a weekly newsletter about leadership, technology, books, and anything else we felt compelled to share with others, brought to you by Og Maciel and Mirek Długosz.
Practical Web Cache Poisoning
By James Kettle
Web cache poisoning has long been an elusive vulnerability, a ‘theoretical’ threat used mostly to scare developers into obediently patching issues that nobody could actually exploit. In this paper I’ll show you how to compromise websites by using esoteric web features to turn their caches into exploit delivery systems, targeting everyone that makes the mistake of visiting their homepage.
Strategies & Tips For Improving Your Testing Reputation
By Beth Marshall
As someone who has found work through ex-colleagues, ex-bosses or even ex-interviewees, I am living proof that reputation matters. It used to be a case of it’s not what you know, it’s who you know. Right now, it’s not who you know, it’s who knows you.
One thing stuck with me: considering what happens as soon as a package is installed. (…) I wanted to explore this further, so in this post I’m going to walk through how I installed and analyzed every package in PyPI looking for malicious activity.
I hear a lot about testers becoming automation experts, accessibility gurus or white hat hackers. All very worthy but the performance and load tester option is still a rarely trodden career path and a great proponent is hard to find. It starts with scaling your thinking.