Stealing LocalStorage Tokens

by Vince
in Blog
Hits: 1358

This was an interesting situation where I thought I was retrieving a token using XSS, like (document.cookie), but instead the token was located in LocalStorage.  Obviously, you need to know the key name but since I had the application, I had that information.  Pushing aside the XSS part, the meat is here:

Read more

Our "Ideal Customer"

by Vince
in Blog
Hits: 928

I belong to a few business networking groups and I’m frequently asked – “Who is your ideal customer?”  Normally, I answer that question in generic terms but I was recently at a presentation given by a local HR benefits provider and my answer to that question changed the following week. 

Read more

Terraform EC2 Web Server

by Vince
in Blog
Hits: 992

In a previous post, I talked about using Terraform to spin up AWS instances.  Not to rehash what was already written, if you want to see the mechanics of account creation, permissions, and the basic server setup, please look to that post.  This post will expand on the basic server by executing a post install script that performs a number of tasks.  Really, this is where you can automate a ton and save time. 

Read more