How well do you see color? FACT: 1 out of 255 women and 1 out of 12 men have some form of color vision deficiency. Take the online color challenge, based on the Farnsworth Munsell 100 Hue Test.

SSL certificates are signed using a one-way hash — usually SHA-1.

Which is too bad, because SHA-1 is becoming dangerously weak. It's time to upgrade to SHA-2.

If you run a website that uses SSL, you can test your website using a small SHA-1 testing tool I built that will tell you what you need to do.

Even if you don't, I encourage you to read on. In the rest of this post, I'll cover how SSL and SHA-1 work together on the web, why it's as urgent as Google says it is, and what web browsers are doing.

If you've ever used git bisect, you know what an incredibly useful tool this is. It allows you to do a binary search through commits to find out which commit caused a particular error. Many people seem unaware of git bisect run ... which automates this even further, but it has a limitation: it won't let you find a particular error, it detects success or failure, that's all. So I decided to do something about that.

If there is one thing about testing in Perl which bugs me, it's that most testing in Perl is what cgi-lib.pl is to Plack. The following is mostly a rant and I'm also guilty of many of these sins.

The idea we had was to build an “unattended self-deploying” instance of Kali Linux that would install itself on a target machine along with a customized configuration requiring no user input whatsoever. On reboot after the installation completes, Kali would automagically connect back to the attacker using a reverse OpenVPN connection. The VPN setup would then allow the attacker to bridge the remote and local networks as well as have access to a full suite of penetration testing tools on the target network.

Now you can quickly view your DomainKeys, DKIM, and SPF validitay, and SpamAssassin score in one place. Just send an email to any address @www.brandonchecketts.com. Then check here to see the results.

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.

Downloads and online tools for testing cross-browser web design. Focuses strongly on MSIE but may still be useful.

Sitespeed.io is an open source tool that helps you analyze and optimize your website speed and performance based on performance best practices. It collects data from multiple pages on your website, analyze the pages using performance best practices rules and output the result as HTML-files or JUnit XML.

|< First   < Previous   11–20 (48)   Next >   Last >|