Despite the fact that I am running a 64-bit version of Windows 7, I sometimes need to run 32-bit applications. By default these applications are only able to use 2 GB of memory, regardless of the amount of available memory on the system (see: https://docs.microsoft.com/en-us/windows/win32/memory/memory-limits-for-windows-releases ). However, I sometimes need these 32-bit applications to be […]
In my last post on the Active Authentication project I described how to use Microsoft Detours to collect a trace of system calls (also known as system events) for a single process. At Coveros Labs we leveraged an example program provided with Detours in order to create our own prototype system that validates the identity of a […]
I was working on a SharePoint DoD project, due to security requriements(STIG) it needed to display a disclaimer notice banner when a user initiates a session with the SharePoint Site. This solution tells how to customize and deploy the SharePoint Global.asax that triggers the new session start event to display the disclaimer notice banner. This solution was split into two SharePoint […]
I was working on a mobile view of a SharePoint 2010 site. The static data or the document library on the page displayed in the mobile view. But content editor web part doesn’t appear in mobile view and then I figured out that content editor web part is not supported in mobile view. The work […]
Continuous integration (CI) is a key component of agile software development that all organizations should strive to include in their development process. However, for small organizations with little or no infrastructure, purchasing and maintaining a server to use for continuous integration is extremely impractical and often infeasible. In these situations it is more cost-effective to […]
When developing an application in programming language A you may discover that certain parts of the program are easier to code using a different language B. At this point you have one of three choices: Write the application entirely in language A. Write the application entirely in language B. Write most of the application using […]
As part of my ongoing collection of reviews and thoughts on today’s Security Testing Tools, I’m taking a look at the Zed Attack Proxy (ZAP) by OWASP. While, my last review of WebSecurify, looked at a very simplistic tool for Web Application Security Testing, this review will bring us a slightly more complex tool. So where […]
I recently published an article about using CAT.NET security scanner on your .NET web application. Once you get it running, it’s fairly simple to integrate it into your continuous integration process. Our strategy here will be to use a down-stream job in Hudson to run static security analysis on our application build after the main compilation/packaging […]
I use a lot of virtual machines for the work I do. Invariably, I start with small virtual hard drives that continuously grow until I run out of space. I used to go through wild gyrations to add an additional hard drive to the machine. It’s actually much simpler to just expand the hard drive. […]
Some of the sites I use require a CAC smart card to establish SSL access. (Forge.mil is an example of this.) Chrome and IE (shudder) are both smart enough to use a smart card for certificates out of the box on Windows. Unfortunately, Firefox doesn’t seem to be set up to do it without some […]
