Don’t write your own web application security scanner

tl;dr: Don’t write your own web application security scanner; it is too hard. Contribute to an existing project instead.

Every now and then I receive an email with this format: “I’ve used web scanning tool X for a while and it doesn’t work the way I want. I’m writing my own tool and would like you to help me with some ideas/pointers”. Usually I answer privately, but that doesn’t seem to be scaling, so here’s my public response to all of you.

Writing and ...


Sentinela: Auto-shutdown cloud servers

During the last weeks I’ve been using some of my time to learn various aspects of cloud computing. I spend most of my time reading and testing some new ideas on Amazon’s cloud. After using Amazon’s console for a while, I started to use the Boto library for starting my instances and then pushing some code to them with Fabric.

The problem came one day when, because of a ...
