The Go programming language, also known as golang, is an open source project created by Robert Griesemer, Rob Pike, and Ken Thompson in 2007 and sponsored by Google as an intended to resolve common criticisms of other languages while maintaining their po
In our previous posts, we discussed how to use some tools to explore and debug legacy code. This blog post will explore one of these tools that I personally use quite often in depth: Xdebug and Remote Debugging.
We’ll explore the instal
All of us will encounter legacy code, and most of us will ‘inherit’ code to maintain. In our first post on legacy code, we talked about getting the things you need to start working on a project. In this post, we will talk about how you can eval
Why a new architecture?
PHP is the most popular language on the net and has a wide array of frameworks, apps and packages available. Most of the best ones are open source, free or have a freely available version of their paid app.
That being said, i
All of us will encounter legacy code, and most of us will ‘inherit’ code to maintain. Even on the freshest of projects 99 % of the time you will encounter some ‘baggage’ code that we will have to maintain. This is especially true as a contractor f
This is probably the most common vulnerability these days on Internet Web Apps. Consist in inject client-side scripts in web pages viewed by other users.
What is Cross-Site Scripting?
XSS occurs when an attacker is capable of injecting a
The AJAX paradigm really launched the web into primetime some 10+ years ago, but now its almost expected. Now it’s a ubiquitous part of the web landscape. Most web apps now resemble an ‘app’ in regards to their UX and users ‘expect’ con
How to detect and prevent
The only way to detect flaws in your system is through deep testing. Fortunately, there’s a set of tools recommended by OWASP, that may help you on this task. W3AF (w3af is a Web Application Attack and Audit Framework), Web
PHP is a language for the web, the most popular one in fact. That’s not to say it’s the best, or the worst for that matter but the number of webpages powered by PHP outweighs all the other languages including JAVA, python, Ruby on Rails, etc.On the
In this post I intend to give some definitions related with Injection Flaws, what are they? and how you can determine if your system might be vulnerable to this kind of attacks.
In a second part, I will show you some examples and some t