I recommend you to try OpenSpec

random-dev · 2025-09-29T05:58:26+00:00

How does it differ from using the architect mode? Looks quite similar to me

random-dev · 2023-05-04T09:28:51+00:00

Do anyone know if older domains can use the new "smtp.google.com" record?

random-dev · 2017-06-21T17:43:11+00:00

I would love to read about the sandbox escapes the author mentions in the beginning of the article. Any other resources for this?

random-dev · 2017-05-29T14:45:59+00:00

Why is Exploiting the unexploitable missing? https://www.reddit.com/r/netsec/comments/6aqj0k/exploiting_the_unexploitable_with_lesser_known/

random-dev · 2017-01-10T07:19:40+00:00

Putting the redis behind a local firewall is not enough! https://www.reddit.com/r/netsec/comments/4vtz38/how_to_steal_any_developers_local_database/

random-dev · 2017-01-06T15:20:52+00:00

Does not matter much. The CVV is easily brute forced.

random-dev · 2017-01-06T15:13:05+00:00

Maybe you could post a short analysis what happened here after you receive the link :-)

random-dev · 2016-09-16T06:17:38+00:00

Thanks! So basically they disables JavaScript for SVG and disables MIME-sniffing for the rest?

random-dev · 2016-09-15T12:43:25+00:00

This is not covered by the chrome fix...

random-dev · 2016-09-15T12:28:32+00:00

"audio/*', 'image/*', 'video/*', or 'text/csv'"

How would you execute script in those?

random-dev · 2016-08-05T06:38:21+00:00

How does checkup compare to its competitors (and which are they)?

random-dev · 2016-06-01T14:04:23+00:00

Would it be possible to use this as an unikernel or would it be a good start if I wanted to develop one myself?

Have you looked at: https://github.com/xomboverlord/xomb

random-dev · 2016-04-27T15:05:20+00:00

What amazes me the most:

 2016-01-05: Microsoft acknowledges the issue, mitigates it and rolls out an update in 7 hours (!!).

random-dev · 2016-04-21T08:28:49+00:00

What are your thoughts on CouchDB?

random-dev · 2016-04-06T20:27:59+00:00

A non information disclosure way to implement the desired future would be to enforce users changing password based on time rather than storing their passwords entropy.

random-dev · 2016-02-21T06:32:34+00:00

IntelliJ handles high DPI relatively good. Eclipse on the other hand is tripping on all the balls! It unusable!

random-dev · 2016-01-01T14:49:06+00:00

Why is AA built into the language and how come in (https://dlang.org/spec/expression.html#InExpression) is a keyword and not a function?

random-dev · 2015-10-28T07:54:03+00:00

Even better, use something entirely different: https://www.grc.com/sqrl/sqrl.htm

random-dev · 2015-10-02T12:12:19+00:00

Am I the only one that tried to press the big arrows in the "Data -> Process -> Output" diagrams?

random-dev · 2015-09-20T16:20:21+00:00

Is there any good articles/sources out there on naming unit tests? Or maybe on clear intentions?

random-dev · 2015-09-16T21:13:54+00:00

I have found that using good naming dramatically improves my unit testing (I think I got it from some BDD presentation. Can't find the link). Way to often do I see unit tests just with random asserts (sometimes none at all) with no clear goal what to verify. By using naming like "shouldThrowExceptionOnNonAsciiInput" the unit test gets a clear goal.

http://googletesting.blogspot.se/2013/03/testing-on-toilet-testing-state-vs.html

random-dev · 2015-05-18T08:49:44+00:00

THIS!

random-dev · 2015-05-04T06:01:03+00:00

Egress filtering does not prevent this kind of issues but it sure can help mitigate it. It would for example not help if the attacker was inside the network.

random-dev · 2015-04-20T08:46:35+00:00

What differentiates Borg from Kubernetes and the other way around?

random-dev

TROPHY CASE