I’m a software engineer.

I've been programming for over 10 years, and have worked on projects in the finance, e-commerce, gaming, and education industries. My current focus is on web development using Ruby/Rails (on Rails 4), ...

The best way to get a job is through networking.

The best way to network is at meetups and conferences. You should go to as many of these as you can, but it’s hard for people who don’t live in big cities or have the money/time/energy to travel aro ...

SAST is not designed for API-centric applications.

WAFs don’t work well with APIs either

Web Application Firewalls (WAF) are another common tool used by AppSec teams to protect web applications from external attack, and they too suffer from the same ...

This tool is not perfect, but it can be used to enumerate and perform GraphQL batching attacks.

We hope that this will help the community in auditing their own GraphQL APIs for potential vulnerabilities https://t.co/jKinYBpnti ...

This is a good book.

I recommend it https://t.co/NPn68TDn78 ...

1. Introspection query support: Yes
2. Schema suggestions detection: Yes
3. Potential CSRF detection: No, but this is a good idea!
4. Query name based batching: Yes (JSON list based)
5 https://t.co/4VHS5 ...

I’ve been working on a new project, and I’d love to have your feedback.

I'm excited to announce that I'll be joining the team at Mozilla as their first-ever Director of Web Literacy! The position is part of Mozilla's newly launched Learning Team, which aims to help educat ...

- Consultant / Advisor in Information Security, Open Source Intelligence (OSINT), and Technical Report Writing.

- Professional experience in the banking sector for more than 10 years. I currently work as an independent consultant for companies in the financial sector https://t.co/mH9fFH0fJq ...
