All Stories

Create random keys in Ruby using SecureRandom

Yesterday a friend of mine asked about truly random number generation in Java and which are my thoughts about Random and SecureRandom classes. Of course I told him to use...

Fingerprint phpbb forum platform

phpbb is a popular forum platform written in php. In the past it suffered from tons of tons of security issues.

Solid as diamond talk in Fiera della tecnolgia ICT fair

Today I delivered the “Solid as Diamond: use ruby in a web application penetration test” talk in the Fiera della tecnologia ICT fair in Milan, Italy.

Now I'm on blogloving

Even security and technical blogs needs some advertise in order to get more traction. That’s why now you can follow my blog with Bloglovin

Howto crawl web.xml with ruby to discover servlet urls for a pentest

Something very boring happening in a web application penetration test is to reach out URLs that are not referenced in other pages.

Tales from a login page: exploit the form

Last time we introduced the login form as seen on the attacker perspective.