[chris-allen-lane.com] Programming | Security | Making

Category: security

A Clever Spam Delivery Mechanism

This week a client forwarded me a spam email he received that I thought was interesting. It is reproduced below, with sensitive information and spam links redacted out:


A Payload Dump from a Malfunctioning WordPress Spam Bot

I stumbled onto this comment in a client's WordPress database, and thought it was interesting. It looks like a spam bot malfunctioned and output all of (or at least, a large portion of) its comments. They are reproduced below:


Introducing "Foresight" - A WordPress Security Plugin

I recently published a new plugin to the WordPress.org Plugins Directory. I call it Foresight. It is available for download here:

http://wordpress.org/extend/plugins/foresight/

Foresight is a simple plugin that serves a simple purpose: it helps blog administrators to stay current on known exploits for WordPress and for WordPress plugins.


Introducing Watchtower - a Platform- and Language-Agnostic Static Code Analysis Tool

I've been working on a tool that I call "Watchtower" for the last several weeks. Watchtower is a platform- and language-agnostic Static Code Analysis tool that can be used for code audits and incident response.


Static Code Analysis Using Watchtower

The following article was published in 2600 magazine (Volume 30, Number 2) in Summer of 2013. It is republished here with permission.

