Starting a new web based project? This is a reference of useful security related links and tools. Mostly web focused generally related to technologies I happen to be working with.
There are many related terms which are not all the same, but do share much overlap; WebSec/WebSecOps, DevSec/DevSecOps, Cyber/CyberSec/Cyber Security, SDLC. Security in general should be one of the first considerations when planning a new feature. As with most things in software development, the earlier security is considered the cheaper it is to apply its principles. I won’t go in to details on that philosophy in this post, but this is also known as shifting left which is common when talking about testing strategies.
This post contains a selection of resources related to Cyber Security for an easy reference. There are a lot of these out there, so this particular list is by no means exhaustive.
This is one of those things that comes up every now and then. Each time I have to go digging to remember the right syntax and steps involved.
Not any more! Today I spent a few extra minutes capturing a slightly re-usable script.
I’ve come across a situation recently to run SQL Server Reporting Services (SSRS) on a VM in the cloud. I won’t go in to the details, but hopefully it won’t be needed for too long :). As this is the only server that we need, I don’t see the need for an AD Domain. But wait, we have an Azure AD – can’t we join it to that?
I’ve had a problem with a pesky windows shortcut recently. After some googling with bing I came across a few older tools which claim to show a list of registered shortcuts. None of these looked terribly promising, and I eventually came across this StackOverflow answer which I don’t want to forget: Find out what process registered a global hotkey? (Windows API) Continue reading
While running Visual Studio 2015 as well as 2017 I’ve come across the following error running Web projects with IISExpress:
Stuck on a machine that has a restrictive PowerShell execution policy that is set via Group Policy? Unfortunately you can’t just use Set-ExecutionPolicy to change the policy for the MachinePolicy scope. Continue reading
Have you ever had to diff XML files? Because ordering isn’t important in XML structure, it’s often hard to diff changes in XML, especially if changes have been generated by tooling. A colleague and I came up with a quick script in PowerShell to order all elements and attributes in an XML files for an easier diff. Continue reading
This has been bothering me for a while. I haven’t been able to use any shortcut combination starting with Ctrl+M in Visual Studio. For example, since I don’t use R# I’ve become a fan of CodeMaid for reorganising and cleaning up files. CodeMaid’s default shortcuts all start with Ctrl+M. Continue reading
Lately it’s been bothering me that my fan has always been running on my MacBook Pro in Windows. I’m running Windows 10 Anniversary Update via Boot Camp, so there’s no virtualisation in the mix. The machine is always running hot, even when not really under load. Continue reading
In windows 10, if your network adaptor isn’t using DHCP, you appear to be stuck in “Unidentified Network” land. For example, this will apply if you set up an internal network for a Hyper-V VM with static IPs.
If you want to enable say, file sharing on that network this leaves you with a dilemma. Do you turn on sharing by defauly, which includes untrusted networks? A better option is to change the network type to Private, but how? Continue reading