Archives for the Month of October, 2008

WordPress plugin security

It’s really bad. The amount of code that gets released and is vulnerable is shocking. WordPress you need to do something. Anything. Disable all plugins now, run a audit on the code or use a user security review process, even as a last resort run some sort of automation on the code. Is it really […]


It was awesome! My first conference and the first time I’ve ever spoken about security stuff. I was really nervous but after the first one I calmed down a bit. We presented a total of three times, two 30 minute slots and a final 50 minutes. It was a lot easier because there was three […]

To infinity and beyond!

I’m still heavily researching Javascript in search of XSS vectors and interesting syntax. I’ve found loads of cool stuff recently and while looking through the ECMA spec. I came across the Infinity object which is a global and a number, of course I was already aware of it but I thought what kind of interesting […]