Web App – File Upload Vulnerabilities

Today we will discuss file upload vulnerabilities, a topic that is widely underestimated by developers. First, imagine a website that lets users upload images in formats such as .jpg, .png and .gif. If the application does not properly validate uploaded files, an attacker can gain control over the system. This is especially true for file extensions like .php and .asp, since these are automatically interpreted by web servers. I'll elaborate on how this works and on which defense strategy is effective in each specific case.


Jenkbird – Quality & Testing – Part 4

Love and testing can be cruel.

– Bert on the difficulties in life


Quality and testing are among the most discussed and valuable topics software engineering has to offer. This blog post covers everything relevant to quality and testing with regard to Continuous Integration and Jenkins. We will show you in detail how you can automate your testing with Jenkins to ensure the best possible software quality.
