on Security, zaproxy, ZAP, OWASP, proxy, intercepting proxy

Intercepting HTTP traffic with Zaproxy

Today I'm going to show you how to use the Zed Attack Proxy [https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project] (ZAP) to debug and test the security of web applications. ZAP is an intercepting proxy that serves as a great tool for security beginners and veterans…

on Mozilla, Mozilla Foundation, open-source, webmaker, Security

One Time Passwords (Part Two)

In my previous post [https://chrisdecairos.ca/one-time-passwords], I wrote about the new login system we're working on for Webmaker. In short, the new system facilitates the authentication of a user by generating a one time use password and sending it to the user's email account. The user can then…