YAML (YAML Ain’t Markup Language) is a popular data serialization format used in many programming languages, including Ruby. Insecure deserialization is a security vulnerability that occurs when an...
Common SAML vulnerabilities and how to remediate them
This blog aims to give a short overview of popular SAML vulnerabilities and how they can be remediated with some examples: https://snyk.io/blog/common-saml-vulnerabilities-remediate/
Swift Deserialization Security primer
NScoding and NSSecureCoding code related issues are often interesting to review and find. Some work I did regarding this can be found here: https://snyk.io/blog/swift-deserialization-security-primer/
SonarSource Advent Security Calendar 2022 Notes
Notes related to RipsTech/SonarSource CodeAdvent Security Calendar 2022. Official writeup here: https://www.sonarsource.com/knowledge/code-challenges/advent-calendar-2022/ Day 1 - PHP <?php s...
Avoiding SMTP Injection: A Whitebox primer
SMTP Injection can often be interesting vulnerability to code review and find. Some work I did regarding this can be found here: https://snyk.io/blog/avoiding-smtp-injection/ The following vulnera...
Improving GraphQL security with static analysis
GraphQL frameworks can often be interesting to code review, and often most static analysis tools don’t support them. Some work I did regarding this can be found here: https://snyk.io/blog/graphql-s...
rs-async-zip Zip Path Traversal (Zip Slip)
Introduction rs-async-zip is a asynchronous ZIP archive reading/writing crate with a heavy focus on streaming support. This package is vulnerable to Zip Traversal (Zip Slip). Note: This issue was...
SonarSource CodeAdvent Security Calendar 2021 Notes
Notes related to RipsTech/SonarSource CodeAdvent Security Calendar 2021. Day 1 Line 13: The code registers a handler for message events and writes the event’s data directly into the DOM...
Joern Cheat Sheet
Joern Notes Joern is a static analyzer that can be used to create code property graphs and query them fairly easy. This is good alternative to CodeQL since analyzing with Joern doesn’t require you...
Exploit Education - Phoenix Notes
Exploit Education Notes The image can be downloaded from https://exploit.education/phoenix/, and can be extracted and executed using tar xJf exploit-education-phoenix-amd64-v1.0.0-alpha-3.tar.xz ...