4 June 2019

Security Practices in Web Application Development - OWASP TOP 10

Is there 100% error-free software? Is there 100% secure software? The answer to both questions is NO, but don't panic.

24 May 2019

Intigriti XSS challenge write-up

Intigriti published a DOM XSS challenge, available on Intigriti’s bug bounty platform. The assignment was to exploit a DOM XSS vulnerability on this page and to trigger a pop-up of the document.domain (challenge.intigriti.io).

17 April 2019

How to Secure Your Blockchain Project with a Smart Contract Audit

There’s no official testing standard for Smart Contracts. But that doesn’t mean you should leave your code untested. Here’s how we approach audits that go beyond checklists.

14 November 2018

Cloudflare, how to do it right and don't reveal your real IP

The goal of this blog post is to show what needs to be done to have a secure working setup that does not reveal your origin IP address, and to explain why all of the countermeasures are really necessary by demonstrating the attacks that they mitigate.

13 July 2018

Malware trends in 2018 - Ransomware left behind by mining viruses

This blog is about CoinHive. I will describe how it affects websites, how websites get infected and how to prevent it or how to get rid of it.

20 February 2018

Be kind to your local security researcher

As big fans of open source, we feel the urge to support the community and contribute to the projects we like. And because our code is ugly as hell, we try to do it at least by reporting bugs and security vulnerabilities.