Blog:tech
This is a simple tech blog. I am mostly interested in application security, web, technologies... but every time I can, I try to play with some other field I like such as data-mining, graph theory, compilers, languages, etc..Contact:
Last entries
- Internet User Privacy Values Survey
- Last week at NIST
- Scalp 0.4: apache log based attack analyzer, updated
- PyQt and WebKit integration: unexpected limitation [fixed]
- How fair should Google Search be?
- And so you wanted to protect your email address on your website...
- Why the "line of code" is indeed a good metric
- Trie based fast and massive replacement (Algorithm)
- A morning at work: Content-Disposition blocked!
- Scalp: apache log based attack analyzer
- My talk at SAW: Automated Evaluation of source code analyzer output
- ph34r the script kiddies: Whitehouse.org
- Yet another study on code quality: A Tale of Four Kernels
- Static Analysis Tool Exposition is over
- Oh please stop it with these ridiculous CAPTCHAs!
- Accelerate the convergence to the bug: Running the test in 16-bit
- Scaling MySQL db
- MySQL table/field names
- Untrusted websites passwords
- NIST SATE step 3 completed: test cases information release
- Code review: facilitate the SCA output analysis
- OWASP France Chapter & OWASP Top Ten 2007 French
- Code review tools: the missing link (so far)
- SATE ready to go + weaknesses walker + Shmoo + 100
- NIST Static Analysis Tool Exposition: No, this is not a competition!
- Talk: Problems and solutions for testing web application security scanners
- Definition parsing: first step done
- Search engine keywords extraction
- How come I didn't know this resource!!
- Protection against spam bot | fuckthespam.com
- PHP Source Code Analyzer
- Leaving for Hawaii, HICSS conference
- [WASC] Release of Script Mapping Project
- "My Security Planet"
- Attack Surface oriented Crawler: Focusing on what you actually want
- Static Analysis Framework: PHP-Ast/Oracle
- Yet another study oriented release
- The new grabber
- Interoperability and web application scanners
- My talk at the Verify Conference
Contact:
Tags
- Algorithm
- apache
- Attack surface
- Bahhhh
- Black Box
- blog
- blogs
- Book
- book
- C
- CAPTCHA
- code quality
- Coverage
- Crawler
- Crystal Ball
- CSS
- data-flow
- Evaluation
- Firefox
- France
- fuckthespam
- Grabber
- h4X0r
- hacks
- Hot stuffs
- IDS
- Internet Explorer
- iPod
- javascript
- JavaScript
- link
- log
- malware
- metrics
- MySQL
- News
- Optimization
- OWASP
- PHP
- php
- PHP-Oracle
- PHP-Sat
- Pixy
- preprocessor
- Python
- RegFuzzer
- SAMATE
- SATE
- Scaling
- scalp
- Scalp
- Script Mapping
- secure programming
- security
- SEO
- source code scanners
- Spam
- SQL Injection
- static analysis
- SWAAT
- Tech
- testing
- todo
- Top Ten
- tricks
- Vulnerabilities
- W3C
- WASC
- WASSEC
- weaknesses walker
- wtf!
- XSS
Links
Web Security
- ts/sci security
- Larholm blog
- Ronald van den Heetkamp
- Stefano Di Paola
- Christian Matthies
- Anurag's Interviews
- Watchfire's blog
- CGIsecurity
- ha.ckers.org
- Securiteam Blog
- gnucitizen
- Michal Zalewski
- Jeremiah Grossman
- Chris Shiflett
- Stefan Esser
- Disenchant
- Kuza55's Blog
- Kyran's Blog
General Sec.
- Ian Bicking: A blog
- TechList.org
- Jason Evans's Grammar/Parsing stuff
- Michael Howard
- Fortify's blog
- Cigital's Justice League
- Plynt Penetration Testing Blog
Last comments