Blog

Research articles and blog posts from SecDim

Lately, I’ve noticed ../ stripping being used to patch Path Traversal in our Attack & Defense AppSec challenges. While it...

Please find below a sample list of secure coding challenges for JavaScript and their alignment with OWASP Top 10. The...

Please find below a sample list of secure coding challenges for Python and their alignment with OWASP Top 10. The...

This is excerpt from our experiment titled: Lessons Learned from a Public Experiment: Securing and Attacking LLM-Based Apps The following...

This is excerpt from our experiment titled: Lessons Learned from a Public Experiment: Securing and Attacking LLM-Based Apps The following...

In my article on Technical analysis of Optus API security challenge - Three must to have API security controls I...

I have reviewed several solutions for our fix the flag contests, contributed by seasoned developers and prominent CTF players. What...

Tl;dr: Apps rely on untrusted parameter to perform size check. This can result into DoS attack. Stream Buffer Read is...

TL;DR: ChatGPT serves as a valuable tool by providing immediate information without the need for manual searches. It seems to...