I did a talk in Leeds about DOM sandboxing with regular expressions; it went OK. I’m not the best speaker to be honest but with a bit more practice I’ll get there. Here are the slides: PDF version, PowerPoint slides
Archives for the Month of March, 2011
Blog fight round two
Monday, 21 March 2011
Thanks Pádraic. So I hope you’ve enjoyed our blog fight between me and Pádraic Brady. I sense a lack of a sense of humour in his last post 🙁 his blanket claims that regex HTML validation sucks were obviously unjustified. Anyway, I was waiting for a cool XSS hole in HTMLReg from him, it never […]
Regex HTML Sanitisation can work
Friday, 18 March 2011
Dear Pádraic Brady, I have not received any emails with any exploits. I am disappointed; I want my HTML regex sanitiser to be broken, please. Apparently you can find 2-5 vulnerabilities per solution so please execute XSS in my regex. Thanks! I’ll be very impressed if you do and I will promise to dedicate a […]
Hackvertor supports 0Auth
Monday, 14 March 2011
I’ve finally added Twitter 0Auth support in Hackvertor; you can now log in via Twitter to save you from remembering yet another set of creds. I plan to use the Twitter features to enable realtime sharing of HVURLs and interface, maybe games and challenges too eventually. All points are reset 🙁 but if you log in and […]