nodejs

Lack of Visibility in Web Applications

Not being able to introspect your application at any given time or being able to know how the health status is, is not a comfortable place to be in and there is no reason you should be there.

Consuming Free and Open Source

Redirects to legacy blog post. This is where A9 (Using Components with Known Vulnerabilities) of the 2013 OWASP Top 10 comes in. We are consuming far more free and open source libraries than we have ever before. Much of the code we are pulling into our projects is never intentionally used, but is still adding surface area for attack. In this post we address the risks and countermeasures.

Risks and Countermeasures to the Management of Application Secrets

Redirects to legacy blog post.

Node.js Asynchronicity and Callback Nesting

Redirects to legacy blog post. AKA callback hell, temple of doom, often the functions that are nested are anonymous and often they are implicit closures. When it comes to asynchronicity in JavaScript, callbacks are our bread and butter. In saying that, often the best way to use them is by abstracting them behind more elegant APIs.

Up and Running with Express on Node.js, and friends

Redirects to legacy blog post. This is a result of a lot of trial and error, reading, notes taken, advice from more knowledgeable people than myself over a period of a few months in my spare time. This is the basis of a web site I’m writing for a new business endeavour.

Setup of Chromium, Burp Suite, Node.js to view HTTP on the wire

Redirects to legacy blog post. As part of my Node.js development I really wanted to see what was going over the wire from chromium-browser to my Node.js web apps.