The AWAE/OSWE Journey: A Review

Students who are familiar with the PWK/OSCP understand that the field of penetration testing is broad, and at times, overwhelming because there is a lot to learn. Does the AWAE/OSWE come across as significantly less broad? Well, not exactly, because web applications are extremely diverse. Let us take the white box/black box approach to examine…

Pre-OSWE Jitters

Dear Offsec, I’ve never quite felt such a magnitude of ph33r in any examination so far, but the thought of facing a L100 behemoth for 48 hours in a week’s time is frightening indeed. I was a L10 servant in infosec before the AWAE course, and now I’m barely a L30 archer. Spending countless days…

The “Irrational” Human?: Part 2

“Minimum 8 characters, minimum 1 upper case, 1 lower case, 1 number and 1 special character.” Sounds familiar? Yes, this is a fairly common password policy. Users found the shortest password that could meet these requirements, “P@ssw0rd” and used it so widely that one of the biggest data breaches in Singapore documented how the use…

The “Irrational” Human?: Part 1

Recently, I finished reading a book at the intersection of behavioural economics and psychology, and will be embarking on yet another book on behavioural economics. For someone who graduated from a hard science degree, I think this qualifies as “reading some fluff” to pass time. They make for interesting reads to suggest that humans are…

Cyber 101 with Bitcrafts!

Is cybersecurity merely only for technically gifted people? Well, not quite. With the advent of the digital world (think Smart Nation), there has been an increasing need for cyber literacy and awareness. Yet, there exists a gap between cyber professionals and laypeople in terms of cyber awareness and literacy. Hence, one short way of addressing…

Digital Defence

It’s Total Defence Day in Singapore today. And for the first time in thirty-five years, there has been an update to the framework. Introduce Digital Defence. This was probably much called for, considering how the theatre of warfare has transcended physical space into the digital space. The subject of digital warfare is too complicated to…