Scott Helme (Page 10)

If it looks like a duck, swims like a duck, and QWACs like a duck, then it's probably an EV Certificate

For a little while now I've been following a new type of certificate that you may soon be hearing a lot more about. They're called a...

Free Post

Log4j

Responding to the Log4j 2 vulnerability (CVE-2021-44228)

This blog post isn't going to be a deep dive into the vulnerability itself, but instead how Report URI reacted as an organisation and the things we'...

Free Post

Crawler Report

Top 1 Million Analysis - November 2021

Wow! It's been quite a while since I've had time to do my regular analysis of security in the Top 1 Million site, but it'...

Frequency analysis on hundreds of billions of reports at Report URI: Top-K

Free Post

Probabilistic Data Structures

Frequency analysis on hundreds of billions of reports at Report URI: Top-K

After looking at how a Bloom Filter [https://scotthelme.co.uk/frequency-analysis-on-hundreds-of-billions-of-reports-at-report-uri-bloom-filters/] works and moving on to understand...

Free Post

Report URI

Report URI is now using CSP nonces in an enforced policy

Hurrah! Sometimes it takes a little while for projects to make it through your backlog and into production, but the nonce-based policy for CSP on Report URI can now...

Free Post

Report URI

Report URI Penetration Test 2021

Wow, where did that last year go?! It's time for our annual penetration test again over at Report URI and just like we did last year, we'...

Free Post

Pwned Passwords

Sketchy Pwned Passwords

After playing with some more probabilistic data structures and talking about Count-Min Sketch [https://scotthelme.co.uk/frequency-analysis-hundreds-billions-reports-report-uri-count-min-sketch/] , I wanted...

Free Post

Report URI

Frequency analysis on hundreds of billions of reports at Report URI: Count-Min Sketch

At the time of writing, Report URI [https://report-uri.com] has processed a total of 669,142,999,794 reports. That's a lot of reports and sometimes...

Free Post

Report URI

When Pwned Passwords Bloom!

I recently wrote about Bloom Filters [https://scotthelme.co.uk/frequency-analysis-on-hundreds-of-billions-of-reports-at-report-uri-bloom-filters/] , the hugely space efficient, probabilistic data structures,...

Free Post

Report URI

Frequency analysis on hundreds of billions of reports at Report URI: Bloom Filters

Have we seen this report before? It sounds like a simple question to ask of a service that collects and processes hundreds of millions of reports per day, and in...

Scott Helme

Hi, I'm Scott Helme, a Security Researcher, Entrepreneur and International Speaker. I'm the creator of Report URI and Security Headers, and I deliver world renowned training on Hacking and Encryption.

If it looks like a duck, swims like a duck, and QWACs like a duck, then it's probably an EV Certificate

Responding to the Log4j 2 vulnerability (CVE-2021-44228)

Top 1 Million Analysis - November 2021

Frequency analysis on hundreds of billions of reports at Report URI: Top-K

Report URI is now using CSP nonces in an enforced policy

Report URI Penetration Test 2021

Sketchy Pwned Passwords

Frequency analysis on hundreds of billions of reports at Report URI: Count-Min Sketch

When Pwned Passwords Bloom!

Frequency analysis on hundreds of billions of reports at Report URI: Bloom Filters

Upcoming Events

Cheat Sheets

Projects

Upcoming Events

Cheat Sheets

Projects

Follow