Kim talks with his fellow Toastmasters about profiling peoples passwords and then brute forcing web applications with the shortlist of guessed passwords..
Redirects to legacy blog post.
AKA callback hell, temple of doom, often the functions that are nested are anonymous and often they are implicit closures. When it comes to asynchronicity in JavaScript, callbacks are our bread and butter. In saying that, often the best way to use them is by abstracting them behind more elegant APIs.
Redirects to legacy blog post.
Now establishing the formal definition has been quite an interesting journey, with quite a few sources not quite getting it right. Although the ES3 spec talks about closure, there is no formal definition of what it actually is. The ES5 spec on the other hand does discuss what closure is in two distinct locations.
At OWASP NZ Day: What are we doing with all the characters that get shoved into our applications? Have we considered every potential execution context?
At ANZTB: Hands-on insight into security testing. Kim will discuss some of the more common security vulnerabilities being found in today’s software implementations, and will demonstrate ways of testing them.
Redirects to legacy blog post.
A short time ago, I was tasked with finding the right software engineer/s for the organisation I was working for. I settled on a process, a set of background questions, a set of practical programming exercises and a set of verbal questions. Later on I cut the set of verbal questions down to a quicker set. In this post, I’ll be going over the process and the full set of verbal questions. In a subsequent post I’ll go over the quicker set.
Redirects to legacy blog post.
As part of my Node.js development I really wanted to see what was going over the wire from chromium-browser to my Node.js web apps.
Redirects to legacy blog post.
Untrusted data (data entered by a user), should always be treated as though it contains attack code. This data should not be sent anywhere without taking the necessary steps to detect and neutralise the malicious code.
Redirects to legacy blog post.
I was working on a web based project recently where there was no security thought about when designing, developing it. The following outlines my experience with retrofitting security. It’s my hope that someone will find it useful for their own implementation.