Get A Day’s Schedule From Fantastical On The Command Line With Shortcuts

macos, programming
I use Fantastical as it’s a much cleaner and native interface than Google Calendar, which I’m stuck using. I do like to use the command line more than GUIs and, while I ...
The State of Application Security with Tanya Janca

Tanya Janca, founder of the We Hack Purple Academy, Director of Developer Relations and Community at Bright, and author of “Alice & Bob Learn Application Security”, joins us to discuss the current ...
Malware Evolves to Present New Threats to Developers

Malware, or code written for malicious purposes, is evolving. Software developers face new threats from malicious code as their tools and processes have proven to be an effective and ...
What is insecure deserialization?

Getting to know a critical vulnerability that affects Java, Python, and other common programming languages. As a penetration tester, there are few vulnerabilities that fascinate me more than insecure ...
OWASP Updates the Top 10 Web Application Security Risks

OWASP Top Ten updates: what changed? The Open Web Application Security Project, or OWASP, is a non-profit organization dedicated to improving software security ...
A guide to the OWASP API top ten

Top ten vulnerabilities that threaten your API, how to identify them, and how to prevent them. You’ve probably heard of the OWASP top ten or the top ten vulnerabilities that threaten web applications. OWASP ...
Building a secure application in five steps

Using the Software Development Life Cycle (SDLC) as a model to secure your application. If you are into building software, you’ve probably heard of the software development life cycle ...
Professionally Evil Fundamentals: Introduction

Linux X86 Assembly – How To Test Custom Shellcode Using a C Payload Tester

Overview: In the last blog post in this series, we created a tool to make it easy to build our custom payloads and extract them. However, what if we want to test ...
Add Security, Not Headaches, to the SDLC

How to integrate security into the SDLC successfully. The world has an insecure software problem, which is why 84% of cyber attacks focus on the application layer. Two major factors have contributed to ...
The first step to build a secure application

What every developer should do before they start writing code. I talk a lot about finding and fixing vulnerabilities on my blog. But what can you do to prevent vulnerabilities ...