June 15, 2016

Vulnerability on Plurk Android Apps

This article covers a vulnerability in Plurk’s session management, specifically on their Android apps. This vulnerability can be mitigated if we manually revoke the apps’ authorized sessions from the apps...

March 13, 2016

Social Media Login Vulnerability

This article covers things I missed during an implementation of social media login feature for a web application with Facebook and Google+. Both vulnerabilities are reported by a bounty hunter...

January 23, 2016

A Web Agency's Vulnerable Website

This article covers a company profile website. The company is owned by a friend of mine. He runs a web agency, offering his clients custom applications based on a CMS...

December 31, 2015

VulnHub FristiLeaks Writeup

This is a writeup for VulnHub’s FristiLeaks: 1.3 challenge. Host and Service Discovery I don’t think that we really need to cover this, as the IP address of the host...

December 17, 2015

Frekwenza: Another Ruby TF-IDF Gem

One of the personal projects I was working on a few months ago has text processing in it. I needed to classify text messages into several groups depending on what...