Secursive Blog

Welcome to Secursive blog. This blog is intended as a collection of my thoughts on some of the interesting security topics from your trusted security advisor.

Posts

• Best Practices For Installation Packages, Updates, Plugins Download

• Security Recommendations for Encrypted Backups

• Avoiding Directory Traversal in Java

• Surveillance First: How Not to Write a Contact Tracing App

• Safely building and invoking commands in Powershell scripts

• A Critical First Look at Stakeholder Specific Vulnerability Categorization (SSVC)

• Use of Angular JS and Cross Site Scripting

• Security Considerations When Using JMX ports

• Security Considerations When Including Open Source Software

• Security Considerations for REST API Developers

• Security Considerations During File Manipulation In Bash Scripts

• Securely Reading and Passing Passwords on Commandline in Bash Scripts

• Securely connecting to a TLS endpoint that uses self signed SSL certificate

• Secure Communication between Windows/Frames/iframes in a Browser

• Recommended Values for Security relevant HTTP Headers

• Recommended Ciphers and MACs for SSH

• Java Deserialization Prevention When Using XStream

• Getting SubjectName and SubjectAlternativeNames in Python

• Fetching, verifying, and using SSH Host Key Fingerprint

• Creating Safe Renderer/Template Functions to Avoid XSS

• Getting Started With Go Programming Languaue (golang) Code Review

• Setting up the workspace for Hacking Lab

• Cyber warfare and the human aspects of security policy