SQL Injection: The ultimate solution to prevent this from happening in your application

October 7th, 2013 No Comments »

On this video, I show you the ultimate solution to prevent SQL Injection from happening in your application.

You can download all the files here: SQL_Injection.

Thank you for your time and feel free to leave any comments or questions.

Security vulnerabilities: should they be early detected?

September 27th, 2013 No Comments »

Introduction

Whether you are a developer and/or just a normal user, if I ask you: What is a good software? What are the first thoughts that come to your mind? “Easy to use”, “Fast”, “Easy to update”. Am I right? Well, you probably thought about these ones because they are easy to spot, if a software is slow to perform a task or the “send” button is nowhere to be found, anyone can noticed that, but what about security? Can you tell if a software is secure and no one can hack it?

According to the OWASP, these are The Ten Most Critical Web Application Security Risks.

  1. (SQL/Command) Injection;
  2. Broken Authentication and Session Management;
  3. Cross-Site Scripting (XSS);
  4. Insecure Direct Object References;
  5. Security Misconfiguration;
  6. Sensitive Data Exposure;
  7. Missing Function Level Access Control;
  8. Cross-Site Request Forgery (CSRF);
  9. Using Known Vulnerable Components;
  10. Unvalidated Redirects and Forwards;

Continue reading »

How to show the contents of “Password” fields with JavaScript

September 22nd, 2013 No Comments »

Do you share a computer with someone? If the answer is “YES”, you should be careful on how you handle your passwords. Some browsers offer you a way to store your passwords for future usage so you can sign in without the need to type your information again.

Before you choose this option you should know that there is a way to retrieve your password from the browsers, even if that person is not you. If you know how to create a web page, you are probably asking yourself “But the type of the field is “password”, how is it possible?”. Well, that’s what I am going to show you.

If you know JavaScript, you should be familiar with the code below:
Continue reading »

How to Simulate Threads in JavaScript

November 22nd, 2008 No Comments »

Hello, Today I’m going to explain how you can simulate threads in JavaScript. Because JavaScript doesn’t have an explicit thread object, like C# or Java does. But it does have 2(two) methods (setTimeout and setInterval) that you can use in order to get at least some of the basic behaviors of threads.

You don’t have all the features like: sleep, suspend, resume and some others, but you can specify when to start and end it, with just these 2(two) I guaranty you can do a lot. Continue reading »

Handling Exceptions in JavaScript

February 13th, 2008 No Comments »

Thank you for your time and feel free to leave any comments or questions.

Global and Local Variables in JavaScript

February 10th, 2008 No Comments »

Hi there, today I’m going to show how you can create global and local variables in JavaScript and also try to explain why you should try to avoid creating global variables in your code, of course I’m not saying that you can’t use it, I’m only saying that if you can find another solution that will use local variables, then you should go for it, but sometimes we know that using global it’s the only way, so try to use it wisely. That’s the best advice I can give you.
Continue reading »

Debugging JavaScript in Visual Studio.NET

January 20th, 2008 No Comments »

Thank you for your time and feel free to leave any comments or questions.