Thursday, July 29, 2010

Hardening PHP: How to securely include remote code (part 2)

In second post of the series I describe methods of checking the integrity of remote code - from checksums to (simple) Public Key Infrastruct...

Hardening PHP: How to securely include remote code (part 1)

First post of the series discussing various methods of including remote PHP code in your application - from security standpoint. In this pos...
Wednesday, June 16, 2010

Ultimate toString() override

As shown in my last talk on malware analysis , automatic malware detectors could be easily beaten by detecting their emulation layer. For ex...
3 comments:
Friday, June 11, 2010

Malicious Javascript talk - materials

I've published the talk from yesterday's OWASP meeting: Update: English version Creating, obfuscating and analyzing malware Java...
Tuesday, June 8, 2010

Save your data from SQL injection - materials

These are the slides from my talk given today at Krakspot Tech meeting: Jak ocalić swoje dane przed SQL injection? View more presentation...
Saturday, May 29, 2010

Incoming lectures on malware and on SQL injection

I will be giving two talks next month: Save your data from SQL injection 8.06.2010 - Krakspot Tech meeting This is a heavily modified v...
Thursday, May 13, 2010

Deobfuscating PHP scripts with evalhook

Just a quick note - Similar to my previous approach in JavaScript Stefan Esser from Month of PHP Security successfully tried to deobfuscat...
1 comment: