No development advice.

Basic camouflage techniques in software security.

HTTP Parameter Pollution

A simple but good security perspective can help us produce quality software.


Security analysis of an example code

The power that APIs provide developers is immense. However, it is easy to ruin everything.
String path = "C:\\Windows\\system32\\cmd.exe";
ProcessBuilder pb = new ProcessBuilder(path);
pb.command().add("/c");
pb.command().add("ping.exe");
pb.command().add(userInput);
Process pingProcess = pb.start();

Read this and count to 10 if you feel you have to…

Creating a new or customizing an existing security-related technique may be costly.


Not development advice.

Basic camouflage techniques in software security.

Progress with producing CodeThreat

CodeThreat static application security solution is one and a half years old now

Bootstrapping with Passion


for Static Application Security Testing Tools

What are the reasons for bad findings of a static application security testing automation?


Hint: The question is irrelevant.

A sane SAST vs. DAST comparison


Hardship in producing a secure software

Is secure software somewhere around the Never Land?


Program analysis fight against imperfection

Imperfection is an inherent part of an automated security analysis solution, and sensitivities are mechanisms to increase the precision of these tools (with a cost).

CodeThreat

CodeThreat is a static application security testing (SAST) solution. Visit codethreat.com
