Test Retreat

Welcome to the homepage of Kris Corbus

Archive for the category “web security”

#30DaysOfSecurityTesting – Task XXX

30 Discover the difference between White, Grey, and Black Hat Hacking

This task is not a real challenge for me, but challenge is a challenge, so here is a summary:

Black Hats see hacking as an intellectual challenge, they have drive to outsmart others and see stolen money as a reward for their skills.

White Hats are called also as ethical hackers. They use the same methods of hacking as black hats, but they do it with permission of the owners. For example, @mikko is a white hat hacker.

Grey Hats in my understanding are kids, who have skills, like to play with those, but behave careless or are not aware of law or ethical issues.

So far so good. Now time for one of my learning sources – YouTube :)

“wild pleasure of exploration”, “the pope is currently not available”


#30DaysOfSecurityTesting – Task I


Ministry of testing organizes another challenge: 30 days of security testing. I like challenges in general and even I am not a security tester, I am privately interested in the topic. In my opinion, everybody should be. Week ago I bet with my colleague that in less than five years, a health of individual digital privacy will be a standard. …or robots will rule the world and we will have no privacy at all.

Today is the first day of the challenge: Read a security blog

Here is my very short list of security blogs:

What I read today? Since I learned a lesson do not to click a button, I am aware of ransomware. This week on news on local radio I heard that in Germany hackers attack companies who are looking for new employees. They send application with CV in the attachment, which is not readable at first. And then there is the button. The rest you can imagine. Stories about attacked hospital, police offices and here is a new ransomware story about a locked in hotel guests.

At the end, some ideas how to protect yourself from ransomware. And of course: do NOT click the button!


~UPDATE with another links to web security related blogs~

Web Security: The Line Of Death


I always had an interest in web security, but because I have so many interests, this one was pending somewhere in the background. I prefer to apply knowledge what I gain and it seemed that web security is too abstract, too difficult and not applicable in daily actions. In the same time, I try not to fall in the obvious traps.

Since I watched on youtube Nordic Testing Days 2016 keynote “State of The Net” by Mikko Hypponen. Starting that moment I look for simple ways how to keep my webbing secure and my privacy private. For example, I search for information on DuckDuckGo  instead of Google, and rethink my home network.

My todays read is The Line Of Death written by Eric Lawrence. Known things with more depth and background story and there is more to explore on his blog!

Post Navigation