Unmasking a Go HTML Parser Bug with Differential Fuzzing

In this write-up, we’ll delve into how, through differential fuzzing, we uncovered a bug in the tokenizer of Go’s exp/net HTML package. We’ll show the potential XSS implications of this flaw. Additionally, we’ll outline how Google assessed this finding within their VRP program and offer guidance on how to engage and employ fuzzing to evaluate your software.
Introduction
Reminisce with me about the discussion boards of 2005. Open to all, searchable from every corner, with no account needed to peek in....

October 24, 2023 · 15 min

Building HTML, CSS, and JS code preview using iframe's srcdoc attribute

A few words on code playgrounds
Many front-end developers and software companies blog about their trade. Oftentimes their writings include code examples with previews. Over the years a plethora of embeddable code playgrounds were created. Names such as CodePen, JSFiddle, JS Bin, or Plunker may ring a bell to you. They’re almost effortless to use, support frameworks, transpilers, preprocessors and other tooling that have evolved in the JavaScript community over the years....

April 27, 2022 · 11 min

The journey of sharing a wired USB printer over the network

I was in the market for a printer that was cheap to buy and cheap to run. I did not print in color, so I concluded that a dot matrix laser printer would be a good choice. I looked up a couple of units and decided on Brother DCP-1510 as it was on sale for ~$100 with replacement toners running for $8 apiece. Not a bad deal. It had one caveat - no ethernet port, no WiFi support, and no Internet Printing Protocol....

April 3, 2022 · 6 min