0xdabbad00

Latest articles

Developing Solutions

For the past decade I've been a "software developer". But what I really do is develop solutions, which often happen to involve writing some code, but sometimes it doesn't. This post is about advice I used to give to new hires that were fresh out of college or were summer interns. Code Romance I decided to write about this after reading "Why Don't...

Password Authentication for Go Web Servers

The stackoverflow question "How are people managing authentication in Go?" has had a few thousand views. Go's frameworks (beego, goji, revel, martini, negroni, gin) do not have anything you should use built in. Other languages have a common capability for a "classic" password authentication scheme. A "classic" scheme requires a username (could be...

Go code auditing

In the book "The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities" from 2007, the authors Mark Dowd, John McDonald, and Justin Schuh, discuss where to look for common trouble spots that affect all web platforms. They discuss CGI (when a web server used to directly call an executable), Perl, PHP, Java, ASP, and...

Application White-Listing Expectations

Summary: Lower your expectations. In infosec, one definition of an exploit is something that takes advantage of a flaw. To be a "flaw", it must be unexpected behavior, and to "take advantage", it must result in greater privileges. Many discussions of exploits, bypasses, or attacks on white-listing systems show what they would claim is unexpected...

Looking for security trouble spots in Go code

Different languages have certain areas where mistakes are commonly made, and which code auditors focus on. With C, you might grep for strcpy and memcpy. With ruby, you might look for regex that use ^ and $ instead of \A and \z. The use of those functions or idioms are not always vulnerabilities, but are good places to check first. I decided to look...
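The grep-style triage this post and "Go code auditing" above describe, as an added example that is not the blog's own tool: a small Go program that parses a source file with go/parser and go/ast, resolves each call's package through the file's import block (so aliased imports are still caught), and reports calls into functions an auditor would look at first. The list of trouble spots, the constructed sample handler and the file name are my assumptions, not the author's; as the post says, a hit is a place to check, not a vulnerability.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
	"strings"
)

// Finding is one call site worth a closer look.
type Finding struct {
	Line int
	Call string // import path + "." + function, e.g. "os/exec.Command"
	Why  string
}

// troubleSpots is an assumed starting list (mine, not the blog's),
// keyed by full import path so "exec" and a local variable named
// "exec" are not confused.
var troubleSpots = map[string]string{
	"os/exec.Command":    "command execution; check how arguments are built",
	"html/template.HTML": "marks a string as safe and disables escaping",
	"html/template.JS":   "marks a string as safe and disables escaping",
	"unsafe.Pointer":     "bypasses type and memory safety",
	"crypto/md5.New":     "weak hash",
	"math/rand.Intn":     "math/rand is not a CSPRNG; use crypto/rand for secrets",
}

// sample is a constructed, deliberately sloppy handler used as input.
const sample = `package main

import (
	"fmt"
	"html/template"
	"math/rand"
	"net/http"
	"os/exec"
)

func handler(w http.ResponseWriter, r *http.Request) {
	name := r.URL.Query().Get("name")
	out, _ := exec.Command("sh", "-c", "echo "+name).Output()
	tok := rand.Intn(1 << 30)
	t := template.Must(template.New("p").Parse("{{.}}"))
	t.Execute(w, template.HTML(string(out)))
	fmt.Println(tok)
}
`

// importNames maps the identifier a file uses for a package to its
// import path, honouring aliases such as `import tpl "html/template"`.
func importNames(f *ast.File) map[string]string {
	names := map[string]string{}
	for _, imp := range f.Imports {
		path := strings.Trim(imp.Path.Value, `"`)
		name := path[strings.LastIndex(path, "/")+1:]
		if imp.Name != nil {
			name = imp.Name.Name
		}
		names[name] = path
	}
	return names
}

// Audit parses src and returns every call into troubleSpots, in source order.
func Audit(filename, src string) ([]Finding, error) {
	fset := token.NewFileSet()
	f, err := parser.ParseFile(fset, filename, src, 0)
	if err != nil {
		return nil, err
	}
	imports := importNames(f)
	var out []Finding
	ast.Inspect(f, func(n ast.Node) bool {
		call, ok := n.(*ast.CallExpr)
		if !ok {
			return true
		}
		sel, ok := call.Fun.(*ast.SelectorExpr)
		if !ok {
			return true // plain function call, keep descending into args
		}
		pkg, ok := sel.X.(*ast.Ident)
		if !ok {
			return true // receiver is an expression, e.g. exec.Command(...).Output()
		}
		path, ok := imports[pkg.Name]
		if !ok {
			return true // a local variable or type, not an imported package
		}
		key := path + "." + sel.Sel.Name
		if why, hit := troubleSpots[key]; hit {
			out = append(out, Finding{Line: fset.Position(call.Pos()).Line, Call: key, Why: why})
		}
		return true
	})
	return out, nil
}

func main() {
	findings, err := Audit("sample.go", sample)
	if err != nil {
		panic(err)
	}
	for _, f := range findings {
		fmt.Printf("sample.go:%d %s: %s\n", f.Line, f.Call, f.Why)
	}
}
```

Because the program only parses, not type-checks, it runs on files that do not compile in isolation, which is what you want when triaging a large tree. It will still miss methods on values (a `db.Query` built from a formatted string, say), since resolving those needs go/types.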

Choosing Libraries for Go Web Servers

One of the hardest things about coming to a new language is figuring out which libraries you should use, especially for young languages like Go, where there are a bunch of competing options with no clear winners. As an example, for Node, there was an issue opened for its npm package manager because there were 127 different bcrypt libraries. This...

Go Everyday

I've been coding in Go everyday for the past 3 months, for Summit Route. This post describes how I use Go and what works for me, some of which differs from what I've seen in a lot of other tutorials. Tutorials give you the quick solution that might not be the best when you use it every day. This might help some others and the experts might give me...

Summit Route

For those that have followed this blog, I want to direct you to my new blog at https://SummitRoute.com/blog/. I founded the company Summit Route over a month ago for a couple of reasons, but one of which was to build an application white-listing solution, which I've complained about wanting on this blog before. No one else makes what I think is needed,...

Endpoint Threat Detection Standards

The most vocal player in the endpoint threat detection standards game is Mitre. Unfortunately, they are also the least useful as they don't provide any tools that use the formats they create. For a long time this meant no one used their formats, but it seems recently the US government (who paid Mitre to make these formats) has started forcing companies...

The Future of Endpoint Threat Detection and Response

The current direction of the infosec industry, with regards to malware prevention and detection, is using two very similar technologies (with horrible acronyms). These are: Advanced Threat Protection (ATP) which includes products like FireEye, Palo Alto's Wild Fire, LastLine, and Cuckoo Sandbox. These "detonate" samples in "sandboxes" (virtual machines). Endpoint...
