Commit
1 parent 6d544a6, commit faa51eb
Showing 3 changed files with 20 additions and 1 deletion.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
hugo server -w -b "http://localhost" --source "%cd%\src" --destination "%cd%\.output" --port 4014 --bind "127.0.0.1" | ||
hugo server -w -b "http://localhost" --source "%cd%\src" --destination "%cd%\.output" --port 4014 --bind "127.0.0.1" --buildDrafts |
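Review bot: `--buildDrafts` on the new `hugo server` line makes every post marked as a draft render in the local preview, but the only post added in this commit sets `draft = false`, so the flag is not needed to view it. If it is meant as a standing convenience for local preview, move it to its own commit with a message that says so, and check that whatever script produces the published output does not carry the same flag, otherwise unfinished posts would be built into the live site. The existing `--bind "127.0.0.1"` keeps the draft preview off the network and should stay.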
19 changes: 19 additions & 0 deletions
src/content/posts/2018-05-16-securing-spas-ndc-security.md
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
+++ | ||
title = "Securing SPA's at NDC Security" | ||
date = 2018-05-22T15:25:18+10:00 | ||
description = "Some info about my NDC Security talk on Securing Single Page Apps" | ||
draft = false | ||
tags = ["javascript", "speaking", "security", "pluralsight"] | ||
+++ | ||
|
||
Last week I had the pleasure of speaking at the first [NDC Security Australia](https://ndcsecurity.com.au) on the topic of Securing Single Page Applications. | ||
|
||
This talk was an extension of a recent [Pluralsight Play by Play](https://app.pluralsight.com/library/courses/play-by-play-javascript-security/) that [Troy Hunt](https://troyhunt.com) collaborated on under the same topic. | ||
|
||
The slides from the talk are available [here](https://1drv.ms/p/s!AuqPraTuWKFLt8t--Dk_3Xdz_UO7YQ). | ||
|
||
In the talk I refer to [this blog post](https://hackernoon.com/im-harvesting-credit-card-numbers-and-passwords-from-your-site-here-s-how-9a8cb347c5b5) about harvesting credit card details using npm packages and that you can use tools like [Sonar](https://sonarwhal.com/), [Retire.js](http://retirejs.github.io/retire.js/) and [Snyk.io](https://snyk.io/) to track issues in your external dependencies. | ||
|
||
I also talked about creating keyloggers in CSS, using [this PoC](https://github.com/maxchehab/CSS-Keylogging), but I might write a bigger piece about that in the future. | ||
|
||
I think this is a great talk, and a topic that is too often overlooked, so if you'd be interested in learning more get in touch and we'll see if I can't work out a time to present it again :grinning:. |
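Review bot: the front matter `date = 2018-05-22T15:25:18+10:00` does not match the `2018-05-16` prefix in the file name `2018-05-16-securing-spas-ndc-security.md`; align the two so the post sorts under the date you intend and "Last week" in the opening paragraph reads correctly against it. Smaller points in the same file: the title's "SPA's" is a plural and should be "SPAs"; the Retire.js link is the only one using `http://` and should be `https://`; and the slides link is an opaque `1drv.ms` share URL, so consider a more stable location for the deck if the post is meant to stay useful.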