The blogs you should read

I’ve created this list to show my respect for some of web security’s greatest minds. I don’t usually link to blogs or posts when I write but I have decided to do it more often in order to spread the word and provide a good resource for people to learn. There may be other people in the industry that deserve to be here but I’ve decided for my own reasons based on knowledge I’ve gained from reading their blogs.

Stefan Esser

He doesn’t care what people think nor does he mind what he says but whenever he says something you better listen because this guy is the hacker of all hackers. He has done countless things for PHP security and I would say is “THE” PHP expert. It was a sad day when he left the PHP security list he formed 🙁
Web site link

Robert Hansen (AKA RSnake)

RSnake’s blog is compulsive reading and the forum he started sla.ckers, is a fantastic resource for security knowledge. He’s done some fantastic work with CSS hacking and his XSS cheatsheet is a reference for anyone serious about security.
Web site link

Jeremiah Grossman

Jeremiah has been so inspirational when I was creating my Javascript LAN scanner and CSS scanners, his work with the CSS history hack really opened my eyes. When he posts he always has something meaningful and interesting to say and it’s one of my main RSS feeds reading list.
Web site link

Ronald van den Heetkamp (AKA 0x000000)

I didn’t do any blogging or share much until about year ago, I found Ronald’s site on sla.ckers. On his site he challenged someone to hack his comment spam protection. So I did, me and Ronald now share many email conversations about web security and his blog has been an inspirational resource to my research. Every post he does contains some useful information and it is always original high level content.
Web site link

Billy Hoffman

Billy’s work speaks for itself, if you’ve seen Jikto or his stuff on javascript port scanning you’ll know what I mean. Some call his work controversial but I call it pure genius. Again he’s inspired much of my work on CSS and Javascript LAN scanning.
Web site link

Petko D. Petkov (AKA pdp), David Kierznowski, Mario

The GNU Citizen group are a team of clever bloggers which participate in open source projects and provide excellent security tips on their blog. David, Mario and PDP have wrote some outstanding stuff and their blog always provides some interesting reading.
Web site link

Sid Karunaratne (AKA Whiteacid)

Sid hacked my CAPTCHA but I’m not bitter 🙂 I respect his excellent coding skills. He also wrote the XSS post forwarder which is a fantastic tool to highlight POST XSS security flaws in web sites by converting a GET request into a POST request. He’s also a regular on sla.ckers.
Web site link

One Response to “The blogs you should read”

  1. Can++yon writes:

    Thanks for all that. Your “group” is beautiful. And your blog very pretty;)