Profile avatar
webtonull.bsky.social
Security researcher at Crosspoint Labs. AppSec. Tweets are my own and do not express the opinion of my employer. OWASP. retire.js
13 posts 1,407 followers 163 following
Getting Started
Posts 9 Comments 6

Reminder that the Call for Presentations for Sikkerhetsfestivalen (The Security Festival) is open. OWASP Oslo is hosting an AppSec track. Scroll down the page for English version: sikkerhetsfestivalen.no/alle-nyheter...

submitted 17 days ago • 0 comments

The CFP for the developer conference NDC Oslo closes today. Security talks of course also very welcome. ndcoslo.com/call-for-pap...

submitted 52 days ago • 0 comments

My latest blog post is live! Check your Ruby on Rails applications for the use of params[:_json] nastystereo.com/security/rai...

submitted 79 days ago • 1 comment

📡 OWASP Secure Headers Project: The "Response Headers" section has been updated with a series of very interesting blog posts about the "Cross-Origin-Embedder-Policy", "Cross-Origin-Opener-Policy" and "Cross-Origin-Resource-Policy" headers. #appsec #appsecurity #oshp 📖 owasp.org/www-project-...

submitted 83 days ago • 1 comment

Great read on bypassing upload filters: blog.sicuranext.com/breaking-dow...

submitted 100 days ago • 0 comments

Does anybody know why Microsoft is blocking the string ".@" in passwords in Azure AD B2C custom policy examples? It's not that they are blocking the individual characters, but that exact combination.

submitted 101 days ago • 1 comment

The CFP for NDC Security in Oslo, Norway is about to run out! Submit your talk today! ndc-security.com/call-for-pap...

submitted 167 days ago • 0 comments

Oh well...

submitted 497 days ago • 1 comment

For people with more than one slack of varying importance, this grouping of the slacks is not a good design choice. I don't care if the least important slack has unreads. Now I have to click or hover to see which one it is.

submitted 533 days ago • 0 comments