Blog: The blog of a gypsy engineer


Preventing timing attacks with CodeQL
A message authentication code (MAC) or a digital signature may be used to authenticate a message and to protect its integrity. When checking...
10
09-08-2021 19:46:10 The blog of a gypsy engineer Advanced
Detecting Jackson deserialization vulnerabilities with CodeQL
If you use Jackson Databind library and run a security scanner, you might have received quite a lot of alerts about deserialization vulnerab...
16
02-08-2021 15:05:38 The blog of a gypsy engineer Advanced
Detecting dangerous RMI objects with CodeQL
Java RMI uses the default Java deserialization mechanism for passing parameters during remote method invocations. In other words, RMI uses O...
10
02-06-2021 16:43:49 The blog of a gypsy engineer Advanced
Detecting Jakarta Expression Language injections with CodeQL
Recently I wrote a post about detecting JEXL injections with CodeQL. JEXL is a library that provides an interpreter for a simple expression ...
7
15-04-2021 00:59:03 The blog of a gypsy engineer Advanced
WS-2016-7107: CSRF tokens in Spring and the BREACH attack
Recently WhiteSource security scanner started reporting WS-2016-7107 against Spring-based applications. This is an old issue that was report...
0
14-04-2021 18:09:22 The blog of a gypsy engineer Advanced
Detecting dangerous Spring service exporters with CodeQL
In this blog post, I'll talk about detecting unsafe Spring Exporters with a CodeQL query. First, I'll describe the issue that received CVE-2...
15
25-03-2021 14:30:20 The blog of a gypsy engineer Advanced
Fosstars: a framework for defining ratings for open source projects
I recently wrote a blog post about a project I have been working on at SAP for a year. The project is called Fosstars. It is an open-source ...
0
23-03-2021 15:30:48 The blog of a gypsy engineer Advanced
Detecting JEXL injections with CodeQL
In this post, I'll talk about a CodeQL query for detecting JEXL Expression Language injection vulnerabilities. First, I'll give a brief over...
9
21-02-2021 13:20:52 The blog of a gypsy engineer Advanced
Reading a photoresistor on ESP32 with MicroPython
A photoresistor or a light-dependent resistor (LDR) is a resistor that changes its value (resistance) depending on light intensity. More pre...
4
10-01-2021 14:49:30 The blog of a gypsy engineer Advanced
Measuring CO2 with MH-Z19B on ESP32
In the previous posts, I described a simple weather station that measures temperature and humidity and sends the measurements to a Google sh...
4
01-01-2021 20:05:46 The blog of a gypsy engineer Advanced



Top Java Blogs is a Java blog aggregator (with English-written blogs only) focused on Java SE, Java EE, Spring Framework and Hibernate.
