I have been working as a security consultant for a few months now, and one finding that is on almost every webserver I come across, is the lack of an HSTS (HTTP Strict Transport Security) implementation. This is understandable, since HSTS is still fairly new. In fact, before starting at Accuvant, I …

I’ve read a ton of articles on bypassing Antivirus software when trying to run shellcode on machines. There’s just a ton available. These are just a few examples:

• http://dev.metasploit.com/redmine/projects/framework/wiki/Using_a_Custom_Executable_to_Bypass_AV …