All Stories

Testing your cookie's attributes for insecurities using ruby

Session cookies are a swiss army knife for every developer to maintain user session requests tracking. They need however to be designed with security in mind since they can be...

Some security tips for ruby hackers: leveraging the attack surface: part 2

In the first part of this overview about web application perimeter recognizance we stopped using ciphersurfer to check for SSL certificate weakness.

What I learnt from Italian RubyDay

Today I attended the Italian RubyDay with a talk about application security. More in details the talk was about how to use ruby to automate some security tests as described...

Some security tips for ruby hackers: leveraging the attack surface. Part 1.

In the first episode I introduced the security checks I’d like to talk about at the talk I have to give next Friday.

Some security tips for ruby hackers: prelude

Next Friday I’ll give a talk about using ruby and gems to quick test a webapp for security issues.

LeakedIN and the salt and pepper sauce

Two days ago, the Internet was squashed by a very large sensitive data breach. More than 6.4M of password hashes coming from LinkedIN were published by an unknown attacker crew...