It’s time to move to a new environment! I’m happy to announce that as of today, my security demos will be available 24/7 in Oracle Cloud! 🙂
How did I start my hacker’s guide demos? When did it start? And how have I moved to Oracle Cloud?
My first conference presentation about security was at JavaOne in 2014, titled Building secure application with Java EE. It was a 90-minute deep-dive session, more challenging due to being a featured speaker.
I didn’t want to bore attendees, so I decided to showcase security theory in practice. I developed a couple of demos to illustrate common authentication and session management problems interactively. I mean, live hacking!
I’m truly glad that the audience liked my demos!
Since that time, the security demos grew into a series ‘The Hacker’s Guide to …’, including session hijacking, XSS, NoSQL, and, most recently, JWT security.
And I’m even more glad the audiences still like my demos!
To present live demos and interactive hacking with the audience, I needed:
- a vulnerable application
- a public server to deploy my vulnerable application to, so that it is available to the audience
That part was easy! 🙂 I developed a series of demos myself, showcasing:
- security vulnerabilities in authentication and session management using Java EE and GlassFish
- cross-site scripting (XSS) vulnerabilities using Node.js
- NoSQL injections using Node.js and MongoDB
- JWT security vulnerabilities using Angular and REST services in Java
Back in 2014, I decided to use AWS and its micro instance. It worked pretty well, especially when the instance was free. However, soon the bills started to pile up. I decided to turn my demos on only for my conferences, training, and workshops. Other times, it was disabled. It was not very convenient because participants often wanted to explore the demos in detail later on.
Enjoy my demos and Oracle Cloud!