
Java Dependency Vulnerability scanning with Maven victims-enforcer

One of the OWASP guidelines for secure applications is to not use components with known vulnerabilities. Unfortunately it can be…

skotfred

OWASP Dependency Vulnerability Scanning of Java JARs with Maven

One of the OWASP guidelines for secure applications is to not use components with known vulnerabilities. Unfortunately it can be…

skotfred

SHA-1 deprecation deadline

Have you recently noticed that some of the secure websites that you frequent might have stopped working when you attempt…

skotfred

RetireJS javascript library vulnerability scanning with Maven

It's important to note that even though your site is using a vulnerable library, that does not necessarily mean your…

skotfred

Adding TestNG support to Eclipse

Most Java developers are familiar with the Eclipse IDE, even if they use alternatives. One thing that's bothered me for…

skotfred

Code signing of java applets – using Ant

To sign your java assets during the Ant build process, you can add the following to the build.xml to make…

skotfred

Code signing of java applets – using Maven

To sign your java assets during the Maven build process, you can add the following to the pom.xml to make…

skotfred

Code signing of java assets – creating a keystore

This is generally done via the command line, though I've seen it done with Ant in some cases. Here are…

skotfred

Firefox 41+ extension signing

In the never-ending quest for browser security, Firefox has started implementing safeguards to only allow signed extensions. I found this…

skotfred

Ashley Madison data dump

This topic has been in the media a lot lately. For the less technical individuals, here's a simple way to get…

skotfred