First of all, Happy Nowruz! Tomorrow is officially the new Jalali year’s start. Best of wishes to everyone. The Problem I’ve been working on an elegant design for a new …
Category: English
This post is about Sharif CERT (APA) center’s recent CTF (10 Dec 2012), which is one of a kind in Iran. Most CTFs are a few days long since there …
I was in the process of migrating a host from Helm 4 to DirectAdmin, and it seems that Helm is pretty crappy and does not store mail in user’s storage, …
PHP Serialization has a fatal flaw which allows for pollution of the scope and global context of an application, as well as running arbitrary code in some scenarios if sources …
I participated in the Stripe CTF Web Attacks and thus far it was the most well designed CTF I have ever encountered (and I have participated in a couple dozen). This …
Bloating is one of the most fatal horrors that can happen to a piece of software. It is when you have a nice working software that everyone loves, and then …
While I was thinking about certain ways of summarizing CSRF prevention for OWASP PHP Security Cheat Sheet – mixing taint tracking with different request criteria – I found a certain type of …
Qt is a rather magnificent and silent framework. Every application I tend to find amusing and well developed is based on Qt, but nobody really knows that. There’s not much …
I just finished my Bachelor’s thesis with the topic “Secure Web Application Framework”. Unfortunately, it’s in Persian, thus only Persian readers can enjoy it. It’s about 200 pages, which about …