Software Engineering by Nick Galbreath
libinjection and SQLi Obfuscation
First presented at OWASP NYC on September 20, 2012 in New York City.
libinjection: New Techniques in Detecting SQLi Attacks
First presented at iSEC Partners Open Forum at Gilt Group on September 6, 2012 in New York
Continuous Deployment, The New #1 Security Feature
First presented at Security BSides Los Angeles on August 16, 2012 in Hermosa Beach
New Techniques in SQLi Obfuscation: SQL never before used in SQLi
Analysis of tens of thousands of real-world SQLi attacks shows that both WAFs and attackers have missed a number of the finer points of SQL. This presentation was first given at DEFCON 20 in Las Vegas, NV.
libinjection: a C library for SQLi detection and generation through lexical analysis of real world attacks.
libinjection: a C library for SQLi detection and generation through lexical analysis of real world attacks. First presented on July 25, 2012 at Black Hat USA, Las Vegas.
Time Tested PHP: Advanced Testing Techniques with libtimemachine
Using libtimemachine, one can shift the system time as seen by PHP. This allows for the advanced testing needed for budgeting, financial, and cryptographic applications.
Better Random Numbers in PHP with /dev/urandom
Prevent and fix problems with PHP's random number generation by using /dev/urandom.
Facebook Extends Fundamental Social Networking Privacy Patent
Facebook extends fundamental social networking patent; Nick Galbreath listed as inventor.
Data-Driven Security: Managing Risk at Etsy
Using data in Splunk to measure, manage, and expose security problems, fraud, and other problems.
SANS AppSec Blog on Continuous Deployment and Security
What is continuous deployment, how it works, and why it's good for security