Home

Training

Bypassing CSP via ajax.googleapis.com

Content Security Policy (CSP) is the number one defensive technology in modern web applications. Many developers add ajax.googleapis.com to CSP definitions, because

Exploiting Race Conditions

A race condition attack is one of the most dangerous and underestimated attacks on modern web applications. It’s related to

Media

Building a Safe Space for Security Research

We set up a YouTube channel back in 2011, but switched to Vimeo in 2012. Earlier this year we started

4 New 44CON 2018 Videos

We’ve added another 4 videos from 44CON 2018 to 44CON TV. Our older conf talk videos are also moving over

Latest Video

Book Now