The Secure Coding Dojo project would not be possible without the support of all who have participated with contributions small or big over the years. Thank you!

#Spring4Shell Block List vs Allow List

This is how the Black Belt badge looks like https://t.co/YoieKUvxJJ

If you missed the @Owasp_DevSlop show this morning, here is the recording. https://t.co/UPazoWRRPp

Try the Secure Coding Dojo (@SecureCodeDojo)! Complete any module by April 15th, get a badge, and share it with us (Tag @Owasp_DevSlop). We have prizes for 5 lucky winners. Dojo🔗 https://t.co/YlGgVs6g9x YouTube replay🔗: https://t.co/pz9W1zU497

It's TOMORROW! Paul Ionescu joins the @Owasp_DevSlop crew to discuss software security education and his own OWASP project the @SecureCodeDojo! Join us as we deploy the dojo, discuss organizing events and present fun challenges! RSVP🔗 https://t.co/yw9STff7SO

OWASP @SecureCodeDojo is an open-source platform for delivering software security knowledge. In this episode, we'll deploy the Dojo and discuss organizing events. We'll also demo some fun challenges with @CloudSecPaul & @Owasp_DevSlop Join us! RSVP 🔗: https://t.co/yw9STff7SO

Happy to announce that the Secure Coding Dojo has been promoted to Lab status. 🎉🎉🎉Many thanks to the reviewers and to @OWASPDirPrjTech

If you are like me and you missed the @OWASP_Ottawa meetup last night don't worry! I just watched it on YouTube and it was amazing !!! 😍😍😍 Two great talks from @shehackspurple and @_t1v0_ hosted by @garthoid . Here's the link

Hello everyone! Here's another #attackgram for you. This one is especially dangerous when it leads to remote code execution.

The #attackgram for this week is Cross-Site Request Forgery (CSRF). Hopefully banks are not vulnerable to this attack anymore but you’ll find plenty of web apps that still are.

Haven’t posted an #attackgram in a while. Here’s a good one. Have you heard of Cross-Site Scripting 😊?

Added a Screenshots tab to the new Secure Coding Dojo project website. Check it out:

Taking a note of this milestone. Here's to 10x more :)

Happy new year everyone! Coming back from vacation and resuming the #attackgram series. Here's Open Redirect.

One #attackgram a day keeps the security bugs away. Today’s attack is 'Download of Code Without Integrity Check'

One #attackgram a day keeps the security bugs away. Today’s attack is ‘Integer Overflow’

One #attackgram a day keeps the security bugs away. Today’s attack is ‘Password Guessing’

One #attackgram a day keeps the security bugs away. Today’s attack is ‘Use of Unsalted Hash’

Are you going to @BsidesOttawa tomorrow? Are you a coder or code reviewer? This @OWASP_Ottawa talk is for you!