Hello World!
Welcome to my net home. I use it just to have a summary of the stuff on which I work (and have worked).
.:Hibernate Validator Security Contribs:.
Provides a set of content-checking constraint annotations, focused on security, using the JSR 303 RI, Hibernate Validator.
- Sources repository
- Documentation & metrics
- Browse issues
- Maven Snapshot distribution repository
- Maven Release distribution repository
Artefacts are also published to the Maven Central Repository.
Big thanks to Sonatype for this feature...
.:Android application to fuzz WIFI AP:.
This project is a POC that tries to find vulnerabilities in WIFI access points (AP).
.:Docker image for web application security scanning:.
Docker build file creating an image of a box containing web application security scanners.
.:OWASP Wiki Contribs:.
- Detect the profiling phase in a web application.
- W3C Content Security Policy specification: Set up in a web app.
- W3C Cross Origin Resource Sharing specification: Origin header scrutiny.
- W3C Cross Origin Resource Sharing specification: Request preflight process checking.
- Automated audit using W3AF.
- Automated audit using SQLMap.
- Automated audit using SKIPFISH.
- Automated audit using WAPITI.
- XPath code injection.
- Error page set up in Java Server Page.
- Error page set up in Java web application deployment descriptor.
- How to decompile Java code.
Rule specifications submitted (the rules are validated; I am waiting for implementation by SonarQube):
- Check about use of session identifier on server side.
- Check about XXE.
- Check about IV when ciphering with CBC.
.:IT Security Magazines articles:.
Articles created for HAKIN9 and its associated magazines (in fact, I have realized that with this channel the information is not free, so I have stopped writing articles for magazines and focused on free wikis like OWASP, where information is freely available):