Sunday, May 23, 2010

Best of this Week Summary 17 May - 23 May 2010

  • Codelab ("tutorial") from Google that "shows how web application vulnerabilities can be exploited and how to defend against these attacks. The best way to learn things is by doing, so you'll get a chance to do some real penetration testing, actually exploiting a real application. The codelab is built around Jarlsberg, a small, cheesy web application that allows its users to publish snippets of text and store assorted files. "Unfortunately," Jarlsberg has multiple security bugs ranging from cross-site scripting and cross-site request forgery, to information disclosure, denial of service, and remote code execution. The goal of this codelab is to guide you through discovering some of these bugs and learning ways to fix them both in Jarlsberg and in general."

  • A new IBM Redbook on WebSphere Messaging and High Availability has just been released.

  • A cool use of Android with Hudson continuous integration: the LED on the mobile phone changes color depending on the build status. Remember the Lava Lamps version?

  • Java dynamic proxies explained. They are used, for example, in Hibernate for lazy loading of entities and in Spring for AOP. It also explains what CGLib proxies are for.
