Edward Wall

Computer Science Student

Bank Grade Security

I have launched a new website which analyses and scores the security of bank's online systems based on a number of factors.

97% of BrowseAloud users are still vulnerable to the same attack

In February attackers injected a cryptominer into BrowseAloud's code which then ran on over 4000 websites which used the service. Three months later the vast majority of websites which were affected have not removed their vulnerability.

Cloudflare SAN Scan

Websites on the same Cloudflare account will share a TLS certificate. Cloudflare SAN Scan analyses past TLS certificates and finds other domains which are on the same Cloudflare account.

What is Subdomain Takeover?

Subdomain Takeover (or Subdomain Hijacking) is the act of taking control of a subdomain's content. It can occur when a subdomain which was using a third party service stops using the service but does not remove the DNS records pointing to the third party.