Other activities on Application Security topics.
- Technical editor for the book Alice and Bob Learn Application Security.
Technical blog posts
- Discovery of Cloud Native applications from an application security perspective.
- Agile threat modeling and the “devil is in the details” idiom.
- Discovery of Self Sovereign Identity (SSI) from a security perspective.
- Continuous deployment: applying security for web application development.
- Risks linked to external dependencies.
- What is Web Cryptography API?
- How to evaluate an OAuth/OpenID Connect system from a security point of view?
- How to automatically validate the configuration of your API Gateway.
- How to report a security issue in a standardized manner with Security.txt.
- Password hashing: Be careful about what you hash!
- Android mobile application cloning.
Technical posts on social networks
- Tips regarding the Content-Security-Policy restriction bypass.
- Tips regarding the XPS file format.
- Tips regarding the bypass of the MIME type detection by the Apache Tika Java library.
- Tips regarding the assessment of a web API based on SpringBoot.
- Tips regarding the assessment of a SPA via the map files.
- Hijack the HTTP/FTP call flow in a .NET app via its configuration file.
- Tips regarding the assessment of a Java app via the JDK tools.
- Tips regarding the validation of the signature of a binary file in .NET.