All Stories

H@W #1 - Simon Bennetts: OWASP ZAP project leader

The perfect mixin: a developer becoming an appsec specialist

Open the code or review it: Oracle CVE-2012-1675

I’m fine with Oracle, but…

Bypassing HTTP Basic Authentication in PHP applications

Basic authentication doesn’t work

H4F - invisible proxy... casper gem

Ruby is a great language for hackers and security researchers too. Of course you can build amazing web applications using Rails or Sinatra or even Padrino frameworks. You can also...

Understand your risk: disclosing information

Few things are as dangerous as giving an attacker detailed information about how your application works and how it can be subverted.