Make the most of Avatao

Latest posts

The Tutorial Framework: Containerizing Cybersecurity Knowledge

The Tutorial Framework: Containerizing Cybersecurity Knowledge

Reading Time: 9 minutes How can we make security education a whole lot more accessible and fun? The tutorial framework is the answer. In this article we dive into how to create interactive learning environments running inside containers.

Learn about CSP-based XSS protection

Learn about CSP-based XSS protection

Reading Time: 6 minutes The security model of web is rooted in the same-origin policy. Each origin is isolated from the rest of the web and codes should only have access to their origin’s data. Because of this model, browsers trust every code that shows up on a page as it’s a part of the pages’ security origin.

Three major XSS issues in 2016 (plus an avatao XMaSS challenge)

Three major XSS issues in 2016 (plus an avatao XMaSS challenge)

Reading Time: 3 minutes In our previous blog, we gave you a small introduction to Cross-site Scripting (XSS) attacks and added some easy challenges to get a taste of web security. It seems, however, that XSS is still one of the top vulnerabilites on the web. An attack against Yahoo Mail and various sandbox escape techniques keep this this topic hot.

Parse your binaries with Kaitai WebIDE

Parse your binaries with Kaitai WebIDE

Reading Time: 3 minutes Binary analysis starts with the understanding of different file formats. Fortunately, there are several tools (e.g., CFF explorer, FileAlyzer) that help you to understand their internal structure, however, most of these tools are not generic enough and do not expose APIs or SDKs. As a result, when automated analysis is required you have to implement your own scripts to parse those binaries.

Get your team up to speed with the latest practices in cybersecurity