Julian Berton

Hey, I'm Julian Berton, author of this blog, organiser of the OWASP Melbourne chapter and Security Engineer at seek.com.au. I also regularly speak at events and train technology professionals about all things security!

Thinking Like A Hacker - DDD Sydney 2016

29 May 2016

I presented at DDD Sydney about what motivates hackers to break into systems and how you could approach securing your company’s web application at scale. DDD Sydney is a developer-focused conference held in Sydney, Australia.

Bypassing Root Detection on Android

30 Jan 2015

When you perform a penetration test on an Android or iOS application, you may find that the developer has implemented what are called binary protections, which hinder an attacker from easily analysing the application. Some of the more common protections are SSL pinning, code obfuscation and root detection. This article explains how to bypass the last of these, namely root detection on Android.

Bypassing XSS Filters with Scalable Vector Graphics (SVG)

13 Oct 2014

When you are performing a pen test or participating in a bug bounty program, sometimes you are confronted by a Web Application Firewall (WAF) designed to block malicious payloads. To properly identify and exploit a Cross-site Scripting vulnerability you will need to find a way around it! This article demonstrates a method of creating an SVG-based payload to bypass those pesky WAFs.