All Stories

Border line between marketing and security features

Performing a web application penetration test is becoming tricky due to modern browsers' native anti-XSS filtering facilities (they only work for reflected cross-site scripting).

The hidden pitfalls in automatic source code review

Disclaimer: this is an in-depth post about pitfalls in security code reviews. A focused post is available on blog

Adding basic authentication support to wpscan

wpscan is an open source tool designed to assess WordPress installations.

Are web agencies the new security threats in 2013?

An economic crisis started 4 years ago, and this eventually changed how people engage contractors to develop code.

Parsing CVSS vector and publishing as API

Last July I wrote a post about having fun with the grape framework to build powerful APIs.

Pony and the empty emails bug

There was an annoying bug affecting the internal application security self-service platform I deployed at my company. When a user makes a request the notification email is sent with...