Blog: The blog of a gypsy engineer
A message authentication code (MAC) or a digital signature may be used to authenticate a message and to protect its integrity. When checking...
If you use the Jackson Databind library and run a security scanner, you might have received quite a lot of alerts about deserialization vulnerab...
Java RMI uses the default Java deserialization mechanism for passing parameters during remote method invocations. In other words, RMI uses O...
Recently I wrote a post about detecting JEXL injections with CodeQL. JEXL is a library that provides an interpreter for a simple expression ...
Recently, the WhiteSource security scanner started reporting WS-2016-7107 against Spring-based applications. This is an old issue that was report...
In this blog post, I'll talk about detecting unsafe Spring Exporters with a CodeQL query. First, I'll describe the issue that received CVE-2...
I recently wrote a blog post about a project I have been working on at SAP for a year. The project is called Fosstars. It is an open-source ...
In this post, I'll talk about a CodeQL query for detecting JEXL Expression Language injection vulnerabilities. First, I'll give a brief over...
A photoresistor or a light-dependent resistor (LDR) is a resistor that changes its value (resistance) depending on light intensity. More pre...
In the previous posts, I described a simple weather station that measures temperature and humidity and sends the measurements to a Google sh...