Lukas Weichselbaum

@we1x

Security Researcher Opinions are my own.

weichselbaum.biz
Sumali noong Enero 2011
7 Larawan o video Mga larawan at video

Mga Tweet

Na-block si @we1x

Sigurado ka bang gusto mong tingnan ang mga Tweet na ito? Hindi maa-unblock si @we1x sa pagtingin ng mga Tweet.

  1. Naka-pin na Tweet
    Set 26, 2016

    CSP-Evaluator () got released today! Find out if your is among the 95% that can be trivially bypassed!

    11 sagot 191 retweet 246 (na) gusto
  2. Ene 19

    Wrote up a summary of some of the content security policy related work we have been up to on

    12 sagot 138 retweet 177 gusto
  3. Ene 11

    Edge now fully supports version 2 (incl. nonces). is on their radar.

    8 retweet 10 gusto
  4. Nob 28, 2016

    Glad to present at in Zürich "Breaking Bad Content Security Policies" with tomorrow, at 9:15, CAB G 61 –

    3 retweet 13 gusto
  5. Nob 25, 2016

    Goodbye ! GAE Scaffold now supports Closure Templates (strict autoescape!) with auto-noncing and nonce-based with .

    Thanks to , and others, now supports Soy's Python backend - strict autoescape + CSP nonce propagation
    6 mga retweet 18 gusto
  6. Nob 11, 2016

    Thx everyone for joining my talk at You can read up everything about strict csp here:

    3 retweet 5 gusto
  7. Nob 10, 2016

    strict-dynamic support for landed in Firefox (nightly now, stable in FF52)! Kudos to the FF team

    1 sagot 23 retweet 30 gusto
  8. Nob 7, 2016

    Our ( ) research paper just got published by

    2 retweet 6 (na) gusto
  9. Nob 4, 2016

    Join my + 's tutorial on Adopting Strict Content Security Policy for XSS Protection

    1 retweet 3 gusto
  10. Okt 27, 2016

    Great work on CSP. Evaluation and defense proposal. by

    1 sagot 10 retweet 15 gusto
  11. Okt 25, 2016

    picked a particular nice place for dinner this year!

    1 sagot 4 (na) gusto
  12. Okt 19, 2016

    list of common whitelisted CSP domains that allow to bypass CSP now available as json:

    I just pushed our open source version of CSP-Evaluator to github. Feel free to reuse checks & whitelist bypass list!
    1 sagot 11 retweet 20 gusto
  13. Okt 18, 2016

    I just pushed our open source version of CSP-Evaluator to github. Feel free to reuse checks & whitelist bypass list!

    1 sagot 34 mga retweet 46 (na) gusto
  14. Set 26, 2016

    We just released a blog post, docs and a couple of tools (Evaluator, Mitigator) to help adopting a secure

    2 retweet 2 gusto
  15. Set 2, 2016

    This is one of the most important web sec papers in recent history: (section 3.4 is where the juicy bits are)

    4 mga sagot 110 retweet 220 gusto
  16. Set 2, 2016

    Most offer no XSS protection and are based on whitelists(median 12) helps

    2 sagot 38 retweet 31 gusto
  17. Set 1, 2016

    Our ( ) paper is out. 95% bypassable, whitelisting is doomed, helps.

    6 mga sagot 108 retweet 136 (na) gusto
  18. Set 1, 2016

    Our ( ) research paper (ACM CSS) is public now. It's time to drop whitelists!

    1 sagot 19 mga retweet 18 gusto
  19. Ago 4, 2016

    Want to learn how to adopt strict ? Drop by our ( ) tutorial for in Boston organized by !

    4 mga retweet 3 gusto
  20. Sinundan ni Lukas Weichselbaum sina , , and 70 others

Hindi pa nagtu-Tweet si:@we1x.

Ang paglo-load ay mukhang natatagalan.

Maaaring lumagpas na sa kapasidad ang Twitter o nakakaranas ng panandaliang problema. Subukan muli o bisitahin ang Twitter Status para sa karagdagang impormasyon.

    Maaari mo ring magustuhan

    ·