post about ndc security talk

aaronpowell committed May 22, 2018
1 parent 6d544a6 commit faa51eb02e0438d10287ee24a8fa759692d94419
Showing with 20 additions and 1 deletion.
  1. BIN hugo.exe
  2. +1 −1 run.bat
  3. +19 −0 src/content/posts/2018-05-16-securing-spas-ndc-security.md
BIN +7.08 MB (170%) hugo.exe
Binary file not shown.
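Review bot: hugo.exe is replaced here as an opaque binary (+7.08 MB, 170%) that the diff cannot show, and the commit message ("post about ndc security talk") does not mention it. Put the new executable in its own commit whose message records the Hugo version and where the binary was obtained, or drop hugo.exe from the repository and have run.bat call an installed Hugo, so the toolchain change can be checked rather than trusted.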
@@ -1 +1 @@
hugo server -w -b "http://localhost" --source "%cd%\src" --destination "%cd%\.output" --port 4014 --bind "127.0.0.1"
hugo server -w -b "http://localhost" --source "%cd%\src" --destination "%cd%\.output" --port 4014 --bind "127.0.0.1" --buildDrafts
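Review bot: the `--buildDrafts` flag added at the end of the `hugo server` line in run.bat is unrelated to the post in this commit, which sets `draft = false` and renders without it. With `--bind "127.0.0.1"` the drafts are only served locally, but the change belongs in a separate commit or at least in the commit message, and it is worth confirming that the publishing build does not reuse this command line so unfinished posts are not published.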
@@ -0,0 +1,19 @@
+++
title = "Securing SPA's at NDC Security"
date = 2018-05-22T15:25:18+10:00
description = "Some info about my NDC Security talk on Securing Single Page Apps"
draft = false
tags = ["javascript", "speaking", "security", "pluralsight"]
+++
Last week I had the pleasure of speaking at the first [NDC Security Australia](https://ndcsecurity.com.au) on the topic of Securing Single Page Applications.
This talk was an extension of a recent [Pluralsight Play by Play](https://app.pluralsight.com/library/courses/play-by-play-javascript-security/) that [Troy Hunt](https://troyhunt.com) collaborated on under the same topic.
The slides from the talk are available [here](https://1drv.ms/p/s!AuqPraTuWKFLt8t--Dk_3Xdz_UO7YQ).
In the talk I refer to [this blog post](https://hackernoon.com/im-harvesting-credit-card-numbers-and-passwords-from-your-site-here-s-how-9a8cb347c5b5) about harvesting credit card details using npm packages and that you can use tools like [Sonar](https://sonarwhal.com/), [Retire.js](http://retirejs.github.io/retire.js/) and [Snyk.io](https://snyk.io/) to track issues in your external dependencies.
I also talked about creating keyloggers in CSS, using [this PoC](https://github.com/maxchehab/CSS-Keylogging), but I might write a bigger piece about that in the future.
I think this is a great talk, and a topic that is too often overlooked, so if you'd be interested in learning more get in touch and we'll see if I can't work out a time to present it again :grinning:.
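Review bot: the front matter `date = 2018-05-22T15:25:18+10:00` does not match the 2018-05-16 prefix in the file name `2018-05-16-securing-spas-ndc-security.md`; pick one so the file name and the published date agree. In the body, the Retire.js link is the only one using `http://` (`http://retirejs.github.io/retire.js/`) and should be `https://` like the others. Two wording points: "that Troy Hunt collaborated on" reads as if a co-author is missing (for example "that Troy Hunt and I collaborated on"), and "SPA's" in the title should be "SPAs".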
