WordPress is the most popular content management system (27.2% of all websites in 2016), making it easy to create websites even for non-technical users. Perfect option? Unfortunately not, as WordPress is also the most hacked platform (around 70% of all hacked CMS sites are WordPress-based).
Overthewire.org - Krypton
Krypton is another wargame from OverTheWire that is based on cryptography and cryptanalysis. As I really love this topic, I decided to give it a try. Unfortunately, level 6 was way harder than I thought and I couldn't complete it, but I'm still happy with the results.
About half a year ago, my girlfriend got an e-mail from the post office saying that the package was ready to pick up, with a quick note saying that more information was available in the attachment. I was asked to look at it, as she found it suspicious - the mail was written very poorly - definitely not what an official mail would sound like. First I took a look at the domain this mail was sent from, and as I expected, it was not connected to the domains of our post service. But what I really wanted to know was: what's the goal of the attachment?
Web Application Security
Today we're going to start with Web Security - in particular I want to discuss security headers - small steps to keep your web application more secure. Without wasting your time, let's move to the content.