How do static analyzers manage code dependencies? There are many ways, but the best static analyzers take a hybrid approach to dependency analysis.
Hacking Security is a monthly podcast on emerging trends in application security. In Episode 4, secure development expert Meera Rao discusses DevSecOps.
To give your team the latest cloud security training, you need a fixed core curriculum and the flexibility to customize cloud training to each person’s needs.
This is the second of two articles that describe how to use the Defensics SDK in fuzzing Bitcoin. In the previous article, you saw how to set up a test bed for bitcoind. We created two containers, alice and bob, and were able to set up communication between the two bitcoind instances. In this article, you’ll learn […]
Parsia Hakimian and Stark Riedesel presented Tineola at DEF CON 26 Enterprise blockchain platforms are one of the big questions faced by many corporations, including some of our customers. And when our customers come to us with complex problems, we take their unique situations into consideration and come up with tailored solutions. So when our […]
This is the first of two articles that describe how to use the Defensics SDK to fuzz Bitcoin software. Specifically, you will learn how to model one of the Bitcoin protocol messages and use the Defensics SDK to perform fuzzing on the bitcoind process. This is an advanced technical tutorial, and you will need some background […]
A list that recently hit Hashes.org, with 1 million records and a low crack rate, looked like an interesting target, given that the community had recovered less than 0.5% of the hashes. On taking a closer look, we quickly found out why: Out of the box, only JtR Jumbo carries support for the XenForo hash […]
Posted in Developer Enablement | Comments Off on Cracking XenForo corpuses: An unsupported sha256(sha256($pass).$salt) hash type
Type less, write cleaner scripts, run consistently across platforms, and other reasons why Linux and OS X users can fall in love with PowerShell.
Posted in Developer Enablement | Comments Off on Power(Shell) to the people
Finding and resolving security issues early in the development process saves your organization both time and money. It’s inefficient to implement solutions further along in the software development life cycle (SDLC). But addressing issues early in the process is easier said than done. The first step in improving your application security posture is choosing the […]
Posted in Developer Enablement | Comments Off on Checklist: Do your software testing tools empower your developers?
Getting started with .NET Core? If you’re exploring C#, you’ll find it borrows much from Java. Here are a few prominent differences you should be aware of as you move from Java to .NET Core.