The AppSec Augury

Connect

Path Traversal Reversal - The Clever Trick You Never Knew

Say goodbye to dot-dot-slash attacks.

Robert Babaev

Nov 29, 2024

Welcome To The AppSec Augury! (No I Did Not Sell Your Email)

I'm going to be niching down a little bit . . . and also not.

Robert Babaev

Sep 21, 2024

UnitedCTF 2024 - IT Portal

Don't roll your own SSH servers . . . or data storage flows.

Jun 22, 2024

0x07: (Mostly) Irrefutable, Secure, and Performant FastAPI Logging with Structlog -- Testing and Production

Let's shore up our logging and get it ready for production!

Jun 15, 2024

0x06: (Mostly) Irrefutable, Secure, and Performant FastAPI Logging with Structlog -- Implementation

Most developers see logging as lines of text -- let's go one step further.

Jun 08, 2024

0x05: (Mostly) Irrefutable, Secure, and Performant FastAPI Logging with Structlog -- Fundamentals

When an attacker can make you second guess what you're seeing, you have a problem.

Feb 04, 2024

Athena - An Old AI (ISSessions CTF 2024)

A guardian? What's she hiding?

Jan 04, 2024

0x04: How to do JWT Authentication in Python & FastAPI (The Right Way)

JWTs are great, if you can use them right.

Dec 23, 2023

Rusty Advent of Cyber 2023: Day 2

Time for some Polars data science!

Dec 20, 2023

0x03: The Simplest Thing You Can Do To Secure Your App

It's so easy to not know, and yet so easy to do.

Dec 18, 2023

Rusty Advent of Cyber 2023: Day 1

Chatbot, meet Ferris.

Dec 13, 2023

0x02: The Importance of Backing Up Your Stuff

It's not just big organizations that need to worry about this.

First Back

1 2

Next Last