Application Security #1: What is server side input validation? Why is it needed anyway?
tl;dr — Don’t rely on client-side input validation. The data sent from client side can be manipulated in many ways beating any validation…
Jul 14, 2017

Android: Get Root Access to Android Emulators without Rooting
tl;dr — Use Android emulator images without the Google Play Store icon from the Device Manager in Android Studio.
Dec 15, 2024

Extract Parameter Values from Burp Suite History
tl;dr Use a combination of regex [&?]param-name=([^&]+) and Sensitive Discover extension from the BApp Store.
Nov 20, 2024

How to Check Java Keystore JKS File for Private Keys
tl;dr — use keytool to list the content of a .jks keystore file and look out for SecretKeyEntry and PrivateKeyEntry entry types for private key…
Nov 5, 2024

Best Tutorial on How to Build Python Packages with pyproject.toml Yet
There are many different ways to build and distribute Python packages and there really are many blog posts and tutorials on how to do it.
Oct 22, 2024

Tutorial #7: How To Fix Request Hanging Issue When Proxying Through Burp Suite with Python or…
tl;dr — If you are using a later version of Burp, especially version 2024.8.5, update the Java JDK or JRE runtime environment to avoid the…
Oct 17, 2024

Tutorial #6: Fix SSL Error in Python requests when proxying through Burp Suite
tl;dr — Two ways to fix: either disable SSL checking completely with verify=False (the dirty approach) or use verify=<path to cert> to…
May 4, 2024

Application Security #4: What do jwk keypairs look like? Have I found something sensitive?
What do keypairs look like? What do they mean? Where to find them? How to generate them?
Apr 26, 2024

Tutorial #5: Prevent Clickjacking Attack with X-Frame-Options
A video demonstration on how to implement the X-Frame-Options header to prevent a Clickjacking or UI Redressing attack.
Apr 20, 2024

Tutorial #4: Prevent Clickjacking Attack with Content-Security-Policy header
A video demonstration on how to implement the Content-Security-Policy header to prevent a Clickjacking or UI Redressing attack.
Apr 19, 2024