A guide with all the techniques to test and protect CORS implementations.
Davide Danelon will give a talk on 27th March 2024, for DevSecCon Italy, about proactive strategies for early detection of vulnerabilities.
Not all obfuscated code is the same. So when is it good enough?
Davide Danelon will give a talk on 25th January 2024, for the (ISC)2 Italy Chapter, about Secure Code Review.
When a missing flag can lead to an authorization bypass vulnerability
Is your DApp ready for the security challenges of the real world?
Simone Bovi will give a talk on 28th May at HackInBo Spring Edition 2022 about Smart Contract (In)Security.
The necessity of a security strategy for smart contracts and decentralized applications.
Davide Danelon will give a talk on 27th October at HackInBo Winter Edition 2018 about CORS (In)Security.
Released a new Burp Suite extension to help and facilitate manual penetration testing activities.
How to prevent tapjacking attacks on hybrid applications developed with Cordova in less than a minute.
Account lockout could be a solution worse than the problem. Some practical advice to protect an app without introducing DoS.
When trusting the default configuration leads to security issues.