Hello Techie Brekkie and thanks for clicking on my blog!
I put the “Hacking for Muggles” talk together because I believe discovering security vulnerabilities isn’t a superpower. For the most part what’s actually needed is: creativity, the ability to recognise patterns, and a willingness to experiment.
My career as a software tester means I get to use these skills on a daily basis, so security vulnerabilities are – to me – just more interesting puzzles to get to the bottom of and I like seeig and talking about how they were discovered, how they work, and what could get exploited!
But, without further ado, here are the three big topics of the talk. These vulnerabilities didn’t need hacking skills like you’d see in The Matrix or Swordfish to exploit but instead rely on the attributes I introduced above.
- Moonpig vulnerability
- How I used a simple Google query to mine passwords from dozens of public Trello boards
- Immobilise: ‘Burglar’s shopping list’ security flaw fixed
Thanks for reading and I hope you enjoyed the talk!