All Stories

Untold: Owasp Orizon is died and I'm sad of it

In 2006 I started an ambitious project: an open-source SAST engine built in Java that I called OWASP Orizon.

The fragile Internet

It was yesterday’s news that Anonymous and other cracker crews attacked and defaced a large number of corporate websites.

Border line between marketing and security features

Performing a web application penetration test is becoming tricky due to modern browsers’ native anti-XSS filtering facilities (they only work for reflected cross-site scripting).

The hidden pitfalls in automatic source code review

Disclaimer: this is an in-depth post about pitfalls in security code reviews. A codesake.com-focused post is available on the codesake.com blog.

Adding basic authentication support to wpscan

wpscan is an open-source tool designed to assess WordPress installations.

Are web agencies the new security threats in 2013?

An economic crisis started 4 years ago, and this eventually changed how people engage contractors to develop code.