Kategorie: Chorizo
-
Chorizo posters
Somewhere around this time last year we did go public with our security scanner Chorizo!. One year later, Chorizo! is well established in the world of web development and a useful tool for a lot of developers, especially when you deal with PHP applications. Doing a lot of marketing work in the last year, one…
-
We did talk about Web-2.0 Security
On Tuesday our CIO, Johann-Peter Hartmann, gave a Web-seminar about security issues in the Web 2.0 era. We had about 140 participants and some very good questions in the following Q&A Session. We would like to thank you for the response and also we´d like to thank Jürgen from MySQL, our webinar-host. We uploaded our…
-
Web-2.0 Security
Hi Folks, This is an announcement for a webinar in German. Therefore only written in German. If you are interested in the security topic be sure to see the english webinar, which is stored here. Web-2.0-Anwendungen absichern Die verbesserte Einsatztauglichkeit der Web-2.0-Anwendungen wird auf Kosten von neuen Sicherheitsproblemen erworben. Sowohl die mächtige Logik im JavaScript…
-
The Chorizo! International PHP Conference Quiz
On this years conference we did start a quiz regarding security. For those who were not able to visit the Conference I’d like to show the questions asked. Which of the following code lines does really protect against Cross-Site-Scripting? [ ] echo ‚<a href="index.php?name=‘.addslashes($_GET[’name‘]).’">name</a>‘; [ ] echo ‚<a href="index.php?name=‘.strip_tags($_GET[’name‘]).’">name</a>‘; [ ] echo ‚<a href="index.php?name=‘.preg_replace(‚|\W|‘, “,…
-
Announcing Chorizo! Intranet Edition and Chorizo! Security Audits
Live from the International PHP Conference this year, we have some announcements to make: first of all, we’re now officially releasing the Chorizo! Intranet Edition. That’s basically the full Chorizo! software package for your internal corporate environment, installed on one of your servers. Furthermore, you can scan an unlimited number of your own websites (we…
-
Chorizo available for French customers: win an iPod Nano!
Today, we’re announcing a reselling partnership between Mayflower GmbH and Waterproof S.A.R.L., makers of PHP IDE PHPEdit and a French based company. They’re reselling the Chorizo! software to their customers and in their local country France. You can view the product page on their website. If you happen to be on Forum PHP in Paris…
-
How to make your own Chorizo!
von
in ChorizoEver wanted to make your own Chorizo? Here’s how to make it on your own!
-
MySQL Webinar: LAMP – Security for the Web2.0
It has only been two years since Tim O’Reilly coined the phrase Web 2.0 and even shorter time since Jesse James Garret created the shortcut AJAX for the base technology of modern internet applications. In this period the nature of web applications underwent a major change in user experience and development methods. It is the…
-
Buy one XSS, get a CSRF for free
Cross Site Request Forging (see http://en.wikipedia.org/wiki/Cross-site_request_forgery for more information) has been around for a while now. It misuses the trust of a web application that every request sent by the browser is wanted by its user.For example, if you know that i am logged in to our blog admin backend most of the time, and…