All Stories

Open the code or review it: Oracle CVE-2012-1675

I’m fine with Oracle, but…

Bypassing HTTP Basic Authentication in PHP applications

Basic authentication doesn’t work

H4F - invisible proxy... casper gem

Ruby is a great language for hackers and security researchers too. Of course you can build amazing web applications using Rails or Sinatra or even Padrino frameworks. You can also...

Understand your risk: disclosing information

Few things are as dangerous as giving an attacker detailed information about how your application works and how it can be subverted.

Papa don't breach

In recent days, while recovering from Easter’s BBQ galore, I was hanging around my Twitter feeds and the most recurrent topic was… security breaches.