Why hasn't web security still been tackled?

Learning about security is hard. Only 11% of software developers can actually bypass a login form that’s vulnerable to SQL Injection (about 50% say they can). It’s no wonder that popular websites still get hacked in 2017.

Read more

Cross Site Request Forgery

When Sir Timothy (aka Tim Berners-Lee) designed the first version of his new information system in 1989 (that became the Web two years later), it was meant for connecting various research documents via references. Back then, and even later when the budding Web started to grow, there was no need for tracing the reader’s progress - when a page was revisited, it was opened from the beginning again. To this day, the main protocol of the Web, HTTP, is a bit like a senile senior to whom his/her children must re-introduce themselves all over every time they pay a visit.

Read more

Sandboxed Cyber Security Learning Platform Early Access

We’ve been working on teaching cyber security for a few years already, but only recently made it to the point where we can safely ask for public feedback. It’s not perfect, the UX is not the best, but the product is truly awesome.

Read more

How to change your UserAgent in Chrome or Firefox (gif!)

Every browser has a UserAgent attached to it. Any website you go to gets this information through the request headers.

Read more