Introducing Log4Shell Sentinel

22 Dec 2021 on SECURITY, PROGRAMMING

A smart Log4Shell/Log4j/CVE-2021-44228 scanner

Python - Verifying Indirect
Imports At Runtime

16 Nov 2021 on PROGRAMMING, PYTHON

Unlike explicit imports that throw an error at application startup, indirect imports in Python throw them when they are actually used. Excessively permissive except clauses can hide them and result in unexpected behavior. Here’s how to verify them at runtime.

Proxying Application Traffic
Through Tor

07 Nov 2021 on SECURITY, TOOLS, PROXY

A quick look at how to proxy any application’s traffic through the Tor network.

AWS WAF's Dangerous Defaults

03 Oct 2021 on SECURITY, AWS, WAF, RESEARCH

AWS WAF’s defaults make bypassing trivial in POST requests, even when you enable the AWS Managed Rules

Pagination