Moving to Oracle Cloud

patrycja — Tue, 01 Sep 2020 17:59:14 +0000

It’s time to move to a new environment! I’m happy to announce that as of today, my security demos will be available 24/7 in Oracle Cloud!

How did I start my hacker’s guide demos? When did it start? And how have I moved to Oracle Cloud?

Security Demos

My first conference presentation about security was at JavaOne in 2014 titled Building secure application with Java EE. It was a 90-minute deep-dive session, more challenging due to being a featured speaker.

I didn’t want to bore attendees, so I decided to showcase security theory in practice. I developed a couple of demos to illustrate common authentication and session management problems interactively. I mean, live hacking!

I’m truly glad that the audience liked my demos!

Since that time, the security demos grew into a series ‘The Hacker’s Guide to …’, including session hijacking, XSS, NoSQL, and, most recently, JWT security.

And I’m even more glad the audiences still like my demos!

Hosting

To present live demos and interactive hacking with audience, I needed:

a vulnerable application
a public server to deploy my vulnerable application to be available to audience

Vulnerable application

That part was easy! I developed a series of demos myself, showcasing:

security vulnerabilities in authentication and session management using Java EE and Glassfish
cross-site scripting (XSS) vulnerabilities using node.js
NoSQL injections using node.js and mongodb
JWT security vulnerabilities using angular and REST services in Java

Public server

Back in 2014, I decided to use AWS and its micro instance. It worked pretty well, especially when the instance was free. However, soon the bills started to pile up. I decided to turn my demos on only for my conferences, training, and workshops. Other times, it was disabled. It was not very convenient because participants often wanted to explore the demos in detail later on.

Oracle Cloud

Thanks to becoming Oracle Grounbreaker Ambassador, I’m allowed to use Oracle Cloud resources within a certain quota. It’s a great news! Now my demos can be online 24/7.

Today, I have officially moved my JWT security demos to Oracle Cloud. They are available at demo.yonlabs.com. My first conference appearance with new demos will be at JavaZone on September 9th, 2020.

Enjoy my demos and Oracle Cloud!

Another cool demo in @yonlabs 's #JavaOne session: cookie hijacking via XSS.
— Bert Jan Schrijver (@bjschrijver) September 30, 2014

Excellent talk by @yonlabs about JWT security pic.twitter.com/GIgNyRZfm7
— Barry van Someren @ localhost (@bvansomeren) November 7, 2019

I’m Oracle Groundbreaker Ambassador!

patrycja — Fri, 07 Aug 2020 15:30:54 +0000

Wow! It’s official now! I have become an Oracle Groundbreaker Ambassador.

Congratulations to new @groundbreakers Ambassadors @yonlabs and @rugi! https://t.co/PdE4H3cDrw
— Oracle Groundbreakers (@groundbreakers) July 10, 2020

Oracle Groundbreaker Ambassadors have expertise in modern development areas such as cloud, microservices, containers, Java, DevOps, continuous delivery, open-source technologies, and SQL/NoSQL databases. These professionals are contributors to open source projects, authors on contemporary development approaches, and speakers at top industry conferences such as DeveloperWeek, DevNexus, Devoxx, Oracle Code and Oracle Code One, QCon, and Velocity. Besides presenting, writing, or contributing to open source projects, Oracle Groundbreaker Ambassadors may also play a leadership role in user groups, answer questions in forums, and provide Oracle product management with feedback.
https://developer.oracle.com/ambassador/

I am truly honored to be recognized by such a reputable company that stands by my beloved Java, the famous Oracle Database, and the exciting Oracle Cloud.

I am even more excited because I am planning to explore Oracle Cloud in detail. The first step will be to move my security demos to a new, hopefully, very friendly, hosting environment!

Stay tuned!

News – Yon Labs