Tag Archives: Software Security

AppSec: Myths about Obfuscation and Reversing Python

Python is an easy and powerful programming language that allows us to write sophisticated programs: Dropbox and BitTorrent are excellent examples. Python programs are commonly delivered as source code, but in some cases different techniques like obfuscation … Continue reading

Posted in Pentest, Privacy, Security, Technology | 15 Comments

OWASP Top Ten 2013 free workshop

Yesterday, July 17th, I taught a free workshop about the recently published OWASP Top Ten 2013, which describes the 10 most common vulnerabilities in Web applications. This free workshop is a collaboration between the Catedral de Innovación of … Continue reading

Posted in Security, Technology, Threat Modeling | Leave a comment

A Spanish startup selected by the DARPA Cyber Fast Track (CFT)

The security landscape changed in August 2011 at the Black Hat Conference, when the legendary L0pht hacker Peiter “Mudge” Zatko presented the new Cyber Fast Track (CFT) program (DARPA-PA-11-52) from DARPA (Defense Advanced Research Projects Agency of the … Continue reading

Posted in Business, Pentest, Security, Technology | Leave a comment

What’s the point of reporting 0day?

In recent weeks the news related to PRISM has not stopped since it was leaked by Edward Snowden, who worked for Booz Allen Hamilton, a defense contractor for the NSA. One interesting outcome of these leaks is the NSA access to … Continue reading

Posted in Business, Microsoft, Pentest, Security, Technology | Leave a comment

AppSec: Build Rooted Detection in your App

For various reasons, many apps need to detect whether the phone has been “rooted”, and in this article we will see different techniques for this purpose. Since it is common to see this type of question in development forums, I thought … Continue reading

Posted in Pentest, Privacy, Security, Technology, Threat Modeling | Leave a comment

AppSec: Improve your software security with GCC Stack Protector Strong

The other day, while helping a client develop secure software, it came to my mind that this topic could be of interest to my readers. Obviously this topic is quite wide, but in this article I will focus on … Continue reading

Posted in Pentest, Privacy, Security, Technology, Threat Modeling | Leave a comment

Book Review: The IDA Pro Book, 2nd edition

If you like reverse engineering and want to learn all the secrets of IDA Pro, this is your book. This work, written by Chris Eagle, a top expert on the subject, reveals the power of the best tool for reverse … Continue reading

Posted in Books, Pentest, Security, Technology | Leave a comment

Back to Black Hat Europe and my talk on Anti-Theft

Last Thursday 14 and Friday 15 March, the Black Hat Europe conference was held in the great city of Amsterdam, a mandatory event for cyber security experts. For the second year running I presented on R&D outlining the security posture of … Continue reading

Posted in Conference, Pentest, Security, Technology | Leave a comment

AppSec USA 2012: the experience

You know you are in Texas when you get out of the plane and hear country music through the airport, and I was there indeed because on the 25th and 26th of October the OWASP AppSec USA conference was taking place … Continue reading

Posted in Conference, Hacking, OWASP, Pentest, Privacy, SDL, Security, Technology, Threat Modeling | Leave a comment

“Find And Call” Smartphone Malware Analysis

[Spanish] Last week Kaspersky published an article about a new piece of malware that affected iPhone and Android, and this App was available in their official markets. As it is the first malware to appear in the iPhone Market, I thought … Continue reading

Posted in Hacking, Security, Technology | Leave a comment