- CPNI Technical Note: Development and implementation of secure web applications
- Beware of JBoss’ “SecureIdentityLoginModule”
- DEFCON 17: a late write up
- Bypassing Java thick client SSL checks
- x509 certificate basics
BlackBerry PlayBook Security - Part One: 01/08/2011
CVE-2009-3830: SharePoint 2007 source code disclosure.
CVE-2008-???? Multiple vulns in an Oracle application. I am working with Oracle to address these issues. A CVE number has not been assigned yet.
CVE-2008-1606 Multiple directory traversal vulnerabilities in Elastic Path resulting in arbitrary file upload, file download and file system browse.
CVE-2007-6587 Blind SQL injection vulnerability in plog-rss.php in Plogger.
Project.List 1.0: this is my life
After several years in the security industry working as a consultant, I have started a new business:
Security Roots Ltd
We build tools to help security consultancies to work more efficiently.
Find out more: securityroots.com
usefulfor: sharing useful tips
How many things have you learned and forgotten? How many things have you researched but are now lost forever because you didn't have anywhere to publish them? How much cool stuff have you done that is left out of your CV because there is not enough space? What are you waiting for to do something about it?
Do something useful for yourself and publish it; others can find your stuff useful too.
miniconomics: your expenses under control
miniconomics is an easy-to-use tool designed to manage your personal expenses. The goals of the project: ease of use, versatility and security.
Dradis Framework: structure and share your findings
Dradis is an open source framework that can be used to structure and share information. Ideal for security researchers and consultants. It has been downloaded over 14,000 times.
etd's dos and dont's: personal blog
It started as a personal notebook on tips and tricks for the daily use of Linux. Then I started posting on general sysadmin, ruby programming and security testing and researching. etd's dos and dont's has been superseded by usefulfor.com. More info.