Another year, another Securi-Tay, another talk… and this time we’re sponsoring the bar!

Another year has rolled by (damn, I really don’t update this blog much, do I?) and Securi-Tay IV is coming up. I’ll be speaking about security issues related to serialisation and deserialisation of data in modern programming languages, including PHP and C#. My colleague FreakyClown will be talking about robbing banks for a living, which…

Pentesting Java EE web applications with LAPSE+

Just a quick tip for anyone doing a code review of a Java EE web application: LAPSE+ is a very useful tool to have in the arsenal, whether you’ve got the original source or just the JAR/WAR file. In my case, the client provided me with a single .WAR file which contained the application. As…