How your file uploads may get hacked?
Covering the most important file input validation techniques on the web, some attacks againts them, and highlight the importance of sanitizing data sent by the end user with a case study.
technology
11
Articles
Log4j2 RCE and exploitation example (CVE-2021-44228)
Why this new Log4j vulnerability is so dangerous? Hacked step by step until remote shell.
How to have an effective 1on1, and why is it important?
What is an 1on1 meeting good for, and how to make it really great, where you can connect to your team member in many ways?
How can feature flagging help during release and customer experiments?
Covering a couple benefits of using feature flags in development from business and technical point of view as well.
JBoss CXF problem with IIS SSL
Fairy techtale from bank operation point of view, where governmental organization is unavailable, they failed changing api, and still able to charge horrible fee.
Modifying a link after clicking
After clicking on something, it becomes something else. Schrödinger is awake.
Public domain resolves to 127.0.0.1
Very little, but useful trick to avoid hostfile editing all the time.
GIRO account numbers and related error detection
How does it work? Is it possible to transfer money, where we don't want to, bcause of a mistake or typo?