Author

Pieter De Cremer

coding developers developer training Getting Started developer injection owasp secure secure code warrior secure coding secure coding technique xml xml injection xml schema xxe

Secure Coding Technique: Processing XML data, part 1

11th December 2017

Specifications for XML and XML schemas include multiple security flaws. At the same time, these specifications provide the tools required to protect XML applications. Even though we use XML schemas to define the security of XML documents, they can be used to perform a variety of attacks.…

Pieter De Cremer

android archive java multidex remote code execution secure secure code warrior secure coding secure coding technique secure coding techniques security zip zip libraries zip library

Secure coding technique: Default behavior of Zip libraries can lead to Remote Code Execution

13th November 2017

We can inject a file into a zip whose name is prefixed with an arbitrary number of `../`…

Pieter De Cremer

android boot cryptography device encryption direct boot encryption secure code warrior secure coding secure coding technique

Secure coding technique: Android device encryption and Direct Boot

2nd November 2017

Credential encrypted storage, which is the default storage location and only available after the user has unlocked the device.…

Pieter De Cremer

tapjacking security android application overlay application security hacking permissions secure code techniques secure code warrior secure coding secure coding technique

Secure coding technique: Let's talk about Tapjacking

31st October 2017

Sometimes it is essential that an application be able to verify that an action is being performed with the full knowledge and consent of the user…

Pieter De Cremer

android custom permission secure code techniques secure code warrior secure coding secure coding technique securecoding

Secure coding technique: The Custom Permission Problem

25th October 2017

By defining custom permissions, an app can share its resources and capabilities with other apps.…

Pieter De Cremer